In a Q&A in the May issue of Chief Executive Magazine, James Quigley, chief executive of Deloitte & Touche, argues in defense of the Sarbanes-Oxley Act. That may not be too surprising given his firm’s line of business, but he does have some interesting observations, and responses to the usual questions about Sarbox, or SOX.
In saying the legislation should not be diluted or amended, Quigley disagrees with CIO magazine publisher Gary Beach (who says, repeal Sarbanes Oxley—we’re spending too much on compliance at the expense of other stuff), but Quigley does concede Sarbox’s implementation could be clarified. And he agrees with CIO.com blogger Ben Worthen in thinking the Public Company Accounting Oversight Board could help drive efficiency and effectiveness. But that organization’s guidance, and the Securities and Exchange Commission’s, could occur and be significant without reopening the statute, he says.
Quigley’s comment on whether the regulation is “percolating” into the CIO’s sphere was: “If the software that’s designed is key and fundamental and core to the underlying control systems of the enterprise and the process for preparing their financial statements, I believe it is consistent with the intent.”
Sadly, he didn’t address IT’s role any further, though the CIO carries many of the risks and responsibilities of compliance.