I recently re-read a 2006 Harvard Business Review piece by Stephen Wagner and Lee Dittmar entitled, “The Unexpected Benefits of Sarbanes-Oxley” and was impressed again by the authors’ prescient view that more companies would eventually see the business performance value that controls and structures demanded by SOX could provide.
Before reporting on how some forward-thinking companies had already started to implement better information management and stronger control frameworks in response to the law, the authors note, “As SOX went into effect, more and more executives began to see the need for internal reforms; indeed, many were startled by the weaknesses and gaps that compliance reviews and assessments had exposed, such as lack of enforcement of existing policies, unnecessary complexity, clogged communications, and a feeble compliance culture.” They go on to note that many improvement projects were identified but parked for later attention so that the immediate need to satisfy the first year of the law’s requirements could be addressed.
