What keeps your CEO up at night? It's risk!! What are some of these risks? Of course there are always the financial and competitive risks. But now, because of the Sarbanes-Oxley Act (SOX), the CEOs and CFOs of public companies must certify their company's financial statements. Also, each year they must certify the effectiveness of the system of internal controls mandated by the Act. In the past, top management could claim ignorance of their organizations' operational failures. This no longer holds. Lack of knowledge of problems is not an excuse. And top management is now risking civil and criminal penalties.

In October 2003, Paul Palmes and I wrote an article for Quality Progress describing how quality and environmental management systems (QMS/EMS) can help top management maintain effective corporate governance and satisfy the requirements of SOX. Since then, the SOX-Q/E Team has been formed to identify how ISO 9001:2000 and ISO 14001:1996 can be used to reduce the risk that CEOs, CFOs and the Board of Directors face when complying with SOX. Note that any comprehensive quality and environmental management system, such as the Malcolm Baldrige Award criteria, can be used in place of the ISO standards.

Our review of SOX identified the fact that top management needs to obtain better information about the effectiveness of their organizations. The Act mandates a system of internal controls to manage risk in the organization. A system developed by the COSO Committee in 1985 provides the basis for internal controls used by many organizations. This system is the foundation for good governance which preceded SOX.