Since 2002, when the US government introduced the Sarbanes-Oxley Act (SOX) to reduce corporate fraud and rebuild shareholder confidence, most nations have introduced their own versions of SOX.
Companies larger than a certain size need to have procedures and controls in place to prevent fraud. These include implementing Segregation of Duties policies, which prevent users from being authorised to access combinations of business applications that might enable them to commit fraud, such as setting up a friend as a supplier, entering fictitious invoices and then authorising payments.
Most medium and large companies rely on highly complex Enterprise Resource Planning (ERP) applications to manage their businesses. Some of these provide security controls that are complex but inadequate for preventing fraud, yet many CEOs, CFOs and CIOs were blissfully unaware of the risks to which their businesses were exposed. The penalties for such inadequate controls included substantial fines, collapses in share prices and even, in extreme cases, lengthy jail sentences and complete company obliteration.
Working with a specialist software company, I researched the market, wrote numerous white papers on various aspects of Governance, Risk and Compliance, gave many presentations at conferences around the world and ran more than 300 webinars (online seminars). These were to educate managers about the risks, advise on controls they ought to implement and recommend software solutions that could provide the protection their businesses needed.
The CXOs also gained a very welcome personal benefit – they would stay out of jail!