How Can IT Help Us Comply with the Sarbanes-Oxley Act?

Posted by Steven Vigeant on 11/8/13 1:32 PM

Login with password prompt | Data securityWith the biotech industry booming, some companies are electing to go public even before they have fully developed a marketable product. Making the jump has certain advantages, but it is not a decision to be made lightly. Publicly traded companies are subject to significantly more rules and regulations than their private counterparts.

Public companies need to have systems and procedures in place to meet the standards for data security and auditability required by the Sarbanes-Oxley Act. The act was proposed in reaction to the accounting scandals of Enron, Tyco International, and others that caused investers to lose billions of dollars due to the fraud.  SOX puts forth strict compliance standards so companies can certify the financial information they are reporting is accurate.  Biotech companies that fail to meet these standards face fines up to $1,000,000, damaged reputations, and the risk that other publicly traded companies will refuse to do business with them.

Your greatest tool for complying with the Sarbanes-Oxley Act is IT. With the right infrastructure in place, your biotech company can confidently report all of the necessary support attesting to the accuracy of their financial data.

Comprehensive Data Security

Although you already have some data security measures in place, they may not be sufficient in the eyes of Sarbanes-Oxley. In order to meet the mandated levels of security, you must keep in mind your cloud storage platform, mobile devices, and collaborative work processes.  Startup team environments often leverage email as a collaboration tool, but this does not allow for modification tracking or controlling access permissions.  If you decide to go with a cloud file sharing or syncing software solution, keep in mind you will need to have a local (physical) backup copy.

Making an additional investment in data security can save you a lot of hassles. Sarbanes-Oxley doesn't just protect your business partners and investors; it protects your biotech business from a costly data breach. Take the time to review the measures you have in place and be willing to expand and reinforce your security net as necessary.

Efficient Report Generation

Publicly traded companies must maintain records of their business dealings that can be audited at a moment's notice. Your IT infrastructure can help you automatically backup your data daily and store it in a secure cloud location so that it is ready for inspection at any time. There are also IT tools that can help you organize and manage this information according to the required reporting standards.

Data storage is just as important as data security for publicly traded companies. If you cannot demonstrate that you are meeting the requirements of Sarbanes-Oxley by providing verifiable reports, you risk noncompliance. Your IT partner can help you find efficient and affordable storage solutions that keep sensitive data from falling through the cracks.

Updated IT Policies

Your IT infrastructure can only take you so far. You must also change the way people at your company use IT. Revising your company-wide technology use policies and training your employees on the necessary changes can help you to keep your data safe and organized in a way that makes reporting easy.

One of the most difficult aspects of Sarbanes-Oxley is that it neglects to make specific policy prescriptions regarding IT. You are held to a certain standard, but not given much guidance about how to meet it. IT experts who know the ins and outs of the law and have specific experience implementing it can show you how to keep your biotech company compliant.

If you are thinking of going public, you need to take the Sarbanes-Oxley Act seriously and make advanced preparations for its requirements. Rather than trying to navigate the fine print yourself, rely on an IT company who can make your improvements and updates both cost effective and seamless. To learn more about how IT can benefit your biotech company, read our newest white paper “After the Seed: Planning IT Investment for a Biotech Startup.”

 

Click here to download the guide

Topics: Data Security, IT Infrastructure


 Comments