Business Process Library Q Business Process Management

From Q-BPM
Jump to: navigation, search

The SOX Act refers to federal legislation in the United States that imposes stricter guarantees of the accuracy and transparency of corporate accounting processes and financial reporting with the goal of protecting investors. It was enacted in 2002 as a countermeasure to a succession of cases of improper corporate accounting.



The formal name of the SOX Act is the Public Company Accounting Reform and Investor Protection Act of 2002. Named after Senator Paul Sarbanes and Representative Michael G. Oxley, who were its main architects, the Act is commonly known as the Sarbanes-Oxley Act or, shortened to its initials, as the SOX Act. Simply put, the SOX Act obliges all companies listed on stock exchanges in the United States to be impartial in their accounting, and to accurately reflect the results in their financial statements. The following are three critical points in the Act.

  • The management is required to address the issue of internal controls to facilitate accurate financial statements (Internal Control Reporting)
The Chief Executive Officer (CEO) and the Chief Financial Officer (CFO) are required to prepare and evaluate valid internal controls for financial reporting, and to submit reports on the following three points in the annual financial statement:
That it is the responsibility of the executives to prepare and maintain internal controls for financial reporting;
The results of evaluating internal controls for financial reporting (at fiscal year end);
That the external auditor has issued an attestation (certificate) report.
  • The management is required to attest to the fact that the financial statements for their company have been drawn up in the proper manner (Management Reporting)
With regards to the disclosure of financial statements, the Chief Executive Officer (CEO) and the Chief Financial Officer (CFO) must personally sign a statement to the effect that the corporate financial reports have been accurately prepared, and submit such documents together with periodical reports, annual reports and quarterly reports to the U.S. Securities and Exchange Commission (SEC). In case of non-compliance, the following penalties apply.
For violation, fines up to $1,000,000 or up to 10 years’ imprisonment, or both;
For willful violation, fines up to $5,000,000 or up to 20 years’ imprisonment, or both.
  • The company’s internal controls must be audited by an external auditor and an opinion must be obtained. (Audits)
The external auditor must attest to (certify) management evaluation of the validity of internal controls for financial reporting. The COSO Framework drafted by the Committee of Sponsoring Organization of the Treadway Commission (COSO) shall be used as the audit evaluation standard.


The background to the enactment of the SOX Act is found in the improper accounting practices discovered in the late 1990s and early 2000s, including the Enron and WorldCom scandals. Large numbers of investors suffered losses in these and other similar cases, and the need arose for drastic reforms to the auditing system and the state of corporate governance.

The Issues

Problems with the SOX Act have been identified; the main one being that the cost of complying with the SOX Act is too high. The SOX Act applies to all corporations that are listed on the stock exchanges in the United States, but there are claims that perfectly healthy small and medium-sized corporations are put under strain by responding to the SOX Act. After receiving indications of the problems, the SEC has started to review a part of the SOX Act and released guidelines for easing the rules at the end of 2006.

The J-SOX Act

Influenced by the SOX Act, Japan is also developing regulatory reform for internal controls and preparing laws concerning financial reporting and accounting audits including the enactment of the Financial Instruments and Exchange Law and revisions to the Certified Public Accountant Law. The J-SOX Act refers to a collection of laws that is concerned with a series of internal regulations. Basically, much of the content conforms to the SOX Act.

The Relationship between the SOX Act and BPM

Introducing BPM is an effective way of dealing with the internal controls required under the SOX Act. With BPM, each business process is clearly defined, and there is accurate understanding of the people and information involved. It is possible to visualize the business process by modeling business flow and to clarify problems that occur. BPM is comprised of the five components of internal control proposed in the COSO Framework. Since BPM facilitates visualization by modeling the business processes, it also facilitates compliance with certificates and other "documentation" required under the SOX Act.

Related Articles


What links here
Related changes
Upload file
Special pages
Printable version
Permanent link
Questetra BPM Suite
Workflow Sample:Hints on Defining Workflows for Business Analysts and Managers.

General nouns | Proper nouns | General-purpose business process | Core business process | Business process for support administration
Q-BPM This website was started by Questetra, Inc. for businesspeople all over the world, who are interested in BPM, but spend a great amount of time on the search of a lot of books, documents, and difficult terms. By saving the trouble of looking up a number of related terms or the time of searching documents, Questetra, Inc. hopes to contribute to businesspeople, interested in BPM, all over the world. Questetra Inc. Q-BPM exemplifies various Sample Processes regarding Business Flow in companies, and support Business Flow Diagram making. (* Business Flow Diagram: Business Flow Chart/Business Diagram/Business Process Diagram) This is Cloud-Source type information sending website that invites collaborators all over the world. In principle, contents in this website are public on the basis of the license called “CC-By SA,” which means “possible to copy under specific conditions.”

Powered by MediaWiki CreativeCommons By SA