The Sarbanes-Oxley Act (SOX) was enacted in the year 2002. Its purpose was to make sure that organizations implemented and documented their systems for internal controls and also to make sure that these internal controls were monitored and audited. Majority of frauds that have been discovered are caused by weak internal controls. Companies are prone to both external and internal threats. SOX help organizations in setting up corporate governance and internal controls which enhances mitigation of some risks and also positions the companies to identify and exploit business opportunities. SOX provide a guideline for setting up strong internal controls while promoting corporate governance.
Companies that comply with SOX experience some advantages and also disadvantages. The advantages of SOX include the production of quality data, introduction of some guidelines that have helped reduce the financial cost, reduction in restatement of financial statements, efficiency in financial reporting procedures and quick decision making process by managers. The disadvantages of SOX include very high costs and wastage of time. Complying with SOX requires following a set of procedures which require more personnel and extra time. SOX have come up with new guidelines to help reduce the overall cost incurred by the company through extra expenses and additional audit staff, but it is still costly for a company to be SOX compliant.
I agree that SOX is effective in the mitigation of risk. This is because it strengthens the internal control systems of a company. A risk assessment test is carried out on financial statements by measuring the likelihood and magnitude of a misstatement. The results are used to rank the internal controls being considered, therefore, enabling the selection of the appropriate internal controls system. Managers are therefore, enabled to know which areas require more attention and consequently focus their attention there.
