Sarbanes-Oxley Compliance - Seven Questions For Executives & Boards
"It's vital for board members, chief executive officers, chief financial officers and other senior executives to identify and manage business risks that could negatively impact company operations, endanger long-term shareholder equity and hinder efforts to meet new corporate governance guidelines," said Everett Gibbs, managing director for Protiviti.
Gibbs advises executives and board members to ask themselves these seven questions when evaluating business risks and adherence to corporate governance standards:
- Have we evaluated all business risks and their potential impact? - Gibbs explained that while risks are inherent in any business, the key is understanding their impact and assessing potential setbacks that may emerge, such as short-term productivity slowdowns resulting from the implementation of new technology systems, or intellectual property issues that accompany product licensing. "Board members and management must be in complete agreement with regard to the specific risks their business will incur and how to manage and monitor them," he said. "Any lack of clarity on these issues, or failure to develop a plan for addressing them, will create problems later on."
- Have we assigned responsibility throughout the organization? - Employees at all levels must be given detailed descriptions of their respective responsibilities to monitor and manage business risks. "Personal accountability begins at the executive level but should extend to every employee," said Gibbs. "Empowering staff members enables companies to grow but must be accompanied by effective corporate governance. Top-down risk and control awareness must include documentation detailing the chain of accountability."
- How involved is the board's audit committee in selecting and overseeing internal and external auditors? -"It's incumbent upon the audit committee to guide the process for choosing internal and external auditors, and to create the proper oversight structure for their activities and interaction," said Gibbs. Audit committees should address issues such as staff qualifications, budgets, methods for evaluating internal and external auditor performance, and support within the organization for these functions. Use of independent parties to advise audit committees will become more common as these responsibilities become better understood.
- Are we encouraging responsible behavior among employees? - "Ensuring all company activities are conducted with integrity is fundamental," said Gibbs. "Senior executives must be personally accountable for promoting company values." Specific steps to consider include establishing and enforcing an employee code of conduct, implementing a system of appropriate checks and balances, taking timely disciplinary action on ethical violations, and executing focused internal audit procedures.
- Are we rewarding employees for achieving corporate governance goals? - Gibbs noted that establishing personal accountability calls for a correlation between employee performance reviews (and compensation) and expectations for meeting corporate governance objectives. "Companies must put into place measurable incentives, such as salary increases and promotions, for staff to adhere to and promote strong corporate governance principles," he said.
- Are we looking after our shareholders? - Gibbs recommends boards and executives put in place an oversight structure that balances prudent risk taking to maximize growth potential while ensuring the long-term protection of investors. Today's boards must be able to describe and quantify risk profiles and be able to articulate the value proposition to shareholders for assuming corporate risk. Risk deemed intolerable to shareholders should be mitigated by measures such as insurance and disposal of the operations.
- Are we aware of activities that could impair our company's image? - Accountability for social responsibility is a key element in corporate governance. "It's critical for the board of directors and senior management to establish a strong record of social accountability, recognizing that it not only enhances corporate governance efforts but also bolsters the company's valuable brand recognition," Gibbs noted. Examples include providing exemplary customer service and producing goods that are environmentally safe.
Protiviti (www.protiviti.com) is a wholly owned subsidiary of Robert Half International Inc. (NYSE symbol: RHI). Founded in 1948, Robert Half International is a member of the S&P 500 index.
Protiviti can assist companies in complying with provisions of the Sarbanes-Oxley Act by helping them to identify, measure, monitor, and manage operational and technology-related risks they face within their industries and throughout their systems and processes. Protiviti also offers a full spectrum of internal audit services, technologies and skills for business risk management, and assists corporate board members in addressing corporate governance issues.
Protiviti recently issued a bulletin on the importance of personal accountability in the new corporate governance environment. For an electronic copy, call (888) 556-7420.