Four key concepts to consider when using advanced reporting solutions in your SOX program

While some emerging technologies are still on the road map, others, like advanced data analytics and visualization, are already here and actively being used at organizations around the globe. In response, the Public Company Accounting Oversight Board (PCAOB) launched the Technology Innovation Alliance (TIA) Working Group to advise regulators on the impact of emerging technologies and provide recommendations for PCAOB oversight. 

Are the IT components of your Sarbanes-Oxley (SOX) compliance function ready to respond to changes in the risk landscape driven by emerging technologies? In this article, we highlight one of the most widely adopted emerging technologies and provide recommendations on how to identify and address relevant financial reporting risks. The next article in this series will help you consider relevant risks with bringing robotic process automation (RPA) to your SOX processes.

Advanced data analytics

Few would dispute that today’s organizations have access to more data than ever before at their disposal – firms interact with customers, vendors and employees – all through digital channels – dramatically increasing the availability of data, yet, organizing that data into actionable insights is difficult and costly. Advanced data analytics software may be the solution – by simplifying the data structuring process, via tools like the Snowflake Data Cloud or Amazon Redshift, and presenting data in user-friendly and interactive dashboards, with tools like Tableau or Power BI, firms have access to reliable, cost-effective and scalable data analytics. But with simplicity comes opaqueness, end-users don’t have a clear line-of-sight to the data collection and reporting process. How can firms and SOX compliance functions be confident their reporting is complete, accurate and reliable? The reporting stack can be broken down into four key concepts that compliance functions should consider when managing advanced reporting solutions: 

1. Source data
2. Data warehouse and data cloud solutions
3. Dashboard reports and data visualization software
4. Interactive report output

Source data

Reliable data is critical to ensure your SOX controls support accurate financial reporting and as the saying goes, “garbage in, garbage out." End-user reporting, whether custom queries, dynamic dashboarding or standard system reports, is only as good as the quality and reliability of the data entered into source systems. When key transactional or master data is entered into a system, it should be validated in some form to ensure its accuracy and validity. Without a means of establishing reliability in source data, organizations should question the completeness and accuracy of reports used in the operation of internal controls over financial reporting. Specifically, management should consider: