J-SOX and the challenges according to Forrester

The Internal Control Committee of the Business Accounting Council of the Japanese Financial Services Agency provided final Implementation Guidance for Management Assessment and Audit of Internal Controls over Financial Reporting (ICFR) in February 2007. The Implementation Guidance provides details to Japanese companies on how to implement a Management Assessment of Internal Control over Financial Reporting as required under the Financial Instruments and Exchange Law.

The J-SOX Compliance Process

EZ-Compliance is enabling and automating the steps marked in red. The documentation, risk assessment and conflict resolution of business processes in scope are the main purpose of EZ-Compliance.

Forrester Research lists the following challenges and difference between J-SOX and SOX:

Professional services. Japan has fewer than 10% of the number of qualified accountants than the US.
Independence of auditors. While the concept of auditor independence exists in the Japanese market similar to the US, many Japanese firms can and will rely on the influence and recommendations of their audit firms.
Audit automation is critical. With the extreme shortage of auditors compared to US per capita numbers, this shortage will increase the requirement and necessity for process efficiency in the internal audit process and software that can support these processes.
Support of IT governance. In the November guidance regarding the scope of the J-SOX process, it is clear that IT controls are a central point of focus for J-SOX

EZ-Compliance bridges the gap as identified by Forrester. The lack of qualified, independent accountants requires a high degree of automation. Although a qualified advice and judgment still will be needed in the process, the workload can significantly been reduced by using automation software like EZ-Compliance.

Uwe Schnittert, Head of IT, Olympus Winter & Ibe GmbH: "We have selected EZ-Compliance because it is the only business solution available able to scan Baan authorizations and identify all related J-SOX Segregation of Duties conflicts within the first day of implementation. Its ability to automate this scan daily/weekly without human intervention will not only help us secure our J-SOX audit certification, it will eliminate tedious manual effort and save Olympus significant SOD monitoring and J-SOX audit cost".