Nearly three in four organizations are looking for ways to further enable automation of their SOX compliance processes, according to Protiviti’s 14th annual SOX compliance survey, which also found that 58% said they spent more time on SOX compliance in the past year.
These findings underline the increasing pressure organizations are feeling from the PCAOB and external auditors to increase scope and procedure, as well as from federal regulators, including the SEC with its recently released cybersecurity disclosure rules and highly anticipated climate disclosure rules still to come this year.
“The SEC rule will inherently increase disclosures related to cybersecurity risk management, governance and material incidents,” said Andrew Struthers-Kennedy, a Protiviti managing director and global leader of the firm’s internal audit and financial advisory practice. “With a quickly evolving cyber threat landscape and an increasing vulnerability footprint for many organizations, cyber risk will remain poised for having a material impact on financial reporting and SOX compliance.”
Companies prioritizing automation as a key tool to moderate rising cost pressures are experiencing increased efficiency, effectiveness and a decrease in business and operational costs. Yet when faced with automation opportunities, many audit and finance leaders cite lack of time to explore automation and enabling technologies due to other priorities (39%), lack of effort to implement, train, govern and maintain the new systems (34%) and lack funding and/or executive buy-in (31%).
When looking at ESG more closely, the survey found that 37% of organizations are already disclosing ESG metrics, but only 16% have added additional controls to address the SEC’s proposed climate change requirements, a number expected to increase significantly in the upcoming years.
Source link
