Testimonial: Going Public

A global life sciences company based in Massachusetts was planning an initial public offering (IPO) and wasn’t sure if its IT infrastructure would help it comply with the Sarbanes-Oxley Act (SOX), a major set of federal regulations that hold companies accountable for accurate and complete financial reporting.

“As a small company, we don’t even have an IT department,” said the company’s associate director of commercial and business operations. “We’re all finance guys, so we understand the finance side of SOX compliance, but we didn’t know where to start when it came to the IT side.  We didn’t even know the questions to ask to evaluate our infrastructure, let alone update any problem areas to ensure we were SOX compliant. Data Evolution did.”

Asking the Right Questions

SOX compliance isn’t entirely about IT, but IT is a major component. To comply with SOX, companies need to put in place the proper controls to manage access to their financial information as well as maintain logs of all activity that can be accessed easily in the event of an audit. This is especially critical when it comes to onboarding new employees and off-boarding others.

Fortunately, this life sciences company had Data Evolution on its side. The associate director of commercial and business operations had worked with Data Evolution at two previous companies and had “carried” it with him to his latest position.

“Data Evolution really helped us through the SOX compliance process,” he said. “They sat down with us and took the time to develop a complete understanding of our system before planning a SOX-compliant setup.”

Data Evolution’s experts knew the right questions to ask, including:

• Where is your financial information located? Is it hosted or on-premises?
• How do users log in?
• Is it federated and tied into the directory structure?
• Who has access?
• What if an employee leaves? Do you have a plan for terminating access?
• What do you do if an employee’s laptop is lost or stolen?

These are just a few of the questions Data Evolution asks before helping a client achieve SOX compliance. Armed with this information, Data Evolution can plan and implement an IT system that includes the access controls, logging, policies, and other features a business needs to successfully and safely go public.

Are You Taking Your Biotech Company Public?

Before your IPO, make sure your IT system will support you with Sarbanes-Oxley compliance. Contact us via email or by phone – (617)517-0972.