The Protiviti View  | Insights From Our Experts on Trends, Risks and Opportunities

The Protiviti View

Insights From Our Experts on Trends, Risks and Opportunities
Search

POST

2 mins to read

Can Your SOX Compliance Process Benefit From Some Fine-Tuning? Find Out With Our Latest Benchmarking Survey

Larger Font
2 minutes to read

The results of Protiviti’s latest SOX compliance survey are in, and one takeaway in particular – cost of SOX compliance – may be music to the ears of some companies. For many organizations, those costs were reported to be lower this year than last, even as the number of controls, as well as hours dedicated to compliance, increased.

We don’t know the specific reasons why the costs at some companies decreased but we have some reasonable guesses: The fact that many companies have now completed their adoption of the new COSO Internal Control – Integrated Framework most certainly is a factor. The cost of the COSO implementation work was estimated to be between $50,000 and $100,000 on average.

Another potential factor regarding costs is who, exactly, is doing the work. As we illustrate in our infographic, a majority of organizations either outsource or co-source SOX compliance activities. This, in effect, may be masking some SOX compliance costs, as the expense for these external resources may not be captured under direct SOX costs the organization is tracking.

One other important point: The downward cost trend is not across the board – in fact, the overall number of companies spending over $2 million annually rose this year compared to last.

In addition, we wanted to get some further insight into why some companies report increasing controls, as well as increased hours and costs, so we introduced a new parameter in our survey this year – number of unique locations per company. Not surprisingly, the results revealed that the more locations a company has, the higher the number of controls it has and the higher its SOX costs are. This trend is quite clear, and it should help companies plan for their SOX costs next year, based on their plans to expand, reduce, or keep the same their number of unique locations.

Another trend driving hours and costs up is the dynamic nature of the SOX controls environment. With regulatory changes and developments constantly in play – PCAOB, new revenue recognition standard, cybersecurity, SOC 1, etc. – the learning curve seems to always be up, dragging hours up as well.

I’ve just highlighted the top trends here. The survey report provides much more granular insights, by type and size of company, type of control environment and more. Interest in benchmarking and peer performance with regard to SOX compliance is strong, and we are confident that the survey report provides a useful benchmark with detailed numbers and explanations. Download the survey report here and watch our highlights video below.

[wpvideo jY0diccR]

Was this post helpful to you?

Thanks for your feedback!

Subscribe to The Protiviti View Blog

To face the future confidently, you need to be equipped with valuable insights that align with your interests and business goals.

In this Article

Find a similar post by topics

Authors

Brian Christensen

By Brian Christensen

Verified Expert at Protiviti

EXPERTISE

No noise.
Just insights.

Subscribe now

Related posts

Article

What is it about

What to watch: President-elect Donald Trump will take office in January 2025 with Republican control of both the Senate and...

Article

What is it about

As the stakes increase for ensuring the integrity of sustainability reports, CFOs across all industries should not only consider adding...

Article

What is it about

In brief: What is CSDDD? The Corporate Sustainability Due Diligence Directive (CSDDD) is a new sustainability directive of the European...