Question

Please discuss the impact of the Sarbanes-Oxley Act on the AIS's of small public companies. Remember, some public companies are so small that they have only a few employees.

Thoughts to consider:

1. Is compliance worth it? Maybe better to go private?

2. What are the AIS requirements for SOX compliance for small public companies?

3. Can you find any examples on the web?

4. Do you have any personal experience with the issue?

5. Is using an ASP (Application Service Provider) always the best choice? When is it, and when is it not?

6. What are some specific software options? How will those options assist with compliance?

7. How do the various standards (e.g., COBIT) relate to small public companies?

Answer 1

The impact of SOX on Small Business :

   The legislation has had a significant impact on business especially smll companies looking to grow and expand their operation . What is SOX requirement ? SOX wants company should implement strong segregation of duties . This mean One person can not be involved in all work and can not do misutilization of fund and money.

Major challenge to implement SOX in small companies is COST . Increase in Operating cost when small companies are meeting SOX requirement . Small Business must develop their own Internal control system strong and develop Internal Auditor who can review internal process , operating activity and safeguard assets.

In 2002 , SOX act implemented mainly for safeguard of Investor . This legislation relates to business and accounting practices of publicly help companies.

So Private company or small company who does not have plan to move to Public no need to implement SOX compliance.

In case of small companies they need to look into two important factor – 1 ) Whistleblower policy2) code of Ethics

Private as well as Small companies main concern is cost to implement compliance regulation.

Connection – Effectiveness of COBIT in case of Small Companies – Before give answer the above , We need to first identified the importance of COBIT – COBIT is a guideline to ensure Quality, control, reliability of data , information system in any organization .COBIT mean control Objective for Information and related Technology . It is framework developed by ISACA . How small business will gain after use this COBIT: While small company at growing stage , appropriate governed IT facility minimise the risk and maintain at appropriate level of agility . This good governance ensue that the board is more familiar with IT function and make proper strategic plan . With help of COBIT , the organization must identify about needs from IT and how expansion can help to meet those needs.

COBIT 5 provide more structured process to smooth transaction and ensure that growth is possible with knowledge , disciplined and engaged Board also.

This COBIT 5 definitely help to set up a structured process to smooth the transition and develop framework and provide continual improvement in Life cycle.

Application service Provider – ASP main advantage included reduced IT Capital Expenditure and easy software and hardware maintenance . ASP is a business providing computer based service to customer over a network . ASP is good in general sense because it provides low cost package solution via throughown website.