In 2002, a law was passed in the US Congress that has had a lasting effect on business. The law was Sarbanes-Oxley (SOX) and introduced sweeping changes to financial reporting. Other countries followed suit, and now wherever you go the regulatory requirements for governance and compliance reporting have continued to grow. This includes other areas of businesses as well, including: manufacturing, supply chain, product quality and safety.
As you might expect, there is now a three letter acronym used to encapsulate governance and regulatory issues – GRC (governance, risk and compliance) – which is “the capability that enables an organization to reliably achieve objectives while addressing uncertainty and acting with integrity; including the governance, assurance and management of performance, risk, and compliance” (Open Compliance and Ethics Group).
When it comes to tools and systems, doing GRC on a spreadsheet creates a disconnected system which doesn’t help with visibility or compliance, and often results in increased costs. A better approach is to have an integrated system that not only ensures operational transactions align with controls, but also manages the execution of processes, administers role permissions and access, and handles how information flows.
Because of SYSPRO’s international customer base, and the number of customers that have to deal with regulatory issues (from financial reporting, to material quality, and product traceability), our software provides the tools and systems to enable an enterprise to build and operate a compliant organization. Features such as:
- SYSPRO Process Modeling and SYSPRO Workflow Services, which provide a way to orchestrate and provide visibility of complex processes and workflows.
- Dashboards, which present a real-time visual presentation of data from the system.
- Role-based security and electronic signatures, which enable greater security, access control and ensure integrity of operations.
- Lot traceability, which enables quality control through the tracking and replacement of any defective materials.
- Powerful general ledger, providing the functionality and flexibility to report according to various reporting standards, such as GAAP, IFRS and the Global Reporting Initiative’s guidelines.
However, software alone cannot make an organization compliant. It is the utilization of the software that will make the difference. It is up to the business to ensure that processes are defined and software is set up and configured so that it meets with regulatory requirements. It is also up to the business to manage and maintain the processes and software in an on-going fashion, which includes training staff.
If you look on the brighter side, while you can paint increasing governance and compliance as a problem, if you have the right approach you can use it as an opportunity to confirm the alignment of objectives and goals, improve business alignment operations, and address the issue of risk management.