The initial shock of the new law may be over, but an expert says the act will still spur companies to spend more this year.
Staff Writer, CNET News.com
SAN FRANCISCO—Software designed to automate the process of complying with the Sarbanes-Oxley Act will be in high demand this year, a regulatory expert said Friday.
Sebastian Goodwin, president of risk management consulting company Ensurity, offered his regulatory compliance crystal ball during a session on Sarbanes-Oxley at the RSA Conference taking place here this week.
Goodwin said that companies are catching their breath after a key section of Sarbanes-Oxley kicked in last year—but they're also now preparing for long-term solutions for dealing with the law, which aims to make corporate accounting more transparent. Software makers can expect to see a rise in IT spending this year, Goodwin said.
"Some of the analysts and chief security officers I talk to say they will be spending more money on Sarbanes-Oxley this year," Goodwin said. "Some of areas will be business process management, document management and software packages that automate the processes that they developed last year."
Similarly, analysis company Forrester Research has forecast a 7 percent increase in IT spending this year, in large part because of regulatory issues such as those brought into play by Sarbanes-Oxley.
In particular, Sarbanes-Oxley is expected to be a boon for security vendors, in part because corporations can be held liable for the inadvertent disclosure of information.
"The key to Sarbanes-Oxley is protecting financial systems and ensuring no one can tamper with the numbers and controls are in place for accurate financial reporting," Goodwin said.
This spending rise is expected to come as companies meet Sarbanes-Oxley deadlines and regroup with new strategies for dealing with the compliance process. Last November, public companies with a market capitalization of $75 million or more were required to comply with the regulations by the time they issue their annual financial reports. And for companies whose fiscal years end Dec. 31, that time is upon them now.
Smaller public companies with market capitalizations under $75 million must comply with Sarbanes-Oxley after July 15.
Goodwin noted that companies affected by Sarbanes-Oxley this year will have to engage in real-time reporting of material events, such as the resignation of a chief executive and significant product launch delays.
Goodwin also reminded listeners that companies will increasingly have to deal with auditors who go through their financial audits with a more microscopic approach, now that the industry has a better sense of what is required in the regulations.
As their feet are held to the fire, companies will want tools that make compliance easier.
"I've seen companies hire 20 consultants to get them through the process of going through their database to match human resource records with the employee names in their database," Goodwin said. "Those companies will be looking for a way to automate that process for next year."