Governance, Risk and Compliance
Governments around the world are adopting and revising regulations that address the integrity, completeness, comparability and accuracy of financial statements presented by publicly traded corporations.
In the United States, the Securities and Exchange Commission (SEC) now enforces the Sarbanes-Oxley Act of 2002. The driving purpose of this legislation is to demand responsibility and accountability from corporations and their executives to all stakeholders in order to re-establish investor confidence.
Similarly, the European Union and a number of countries have adopted the International Financial Reporting Standards (IFRS) 2005 in order to remove barriers to cross-border trading by creating a single capital market environment. The IFRS calls for a uniform reporting standard to provide internationally comparable financial and non-financial information on which to base economic decisions.
While a good proportion of Sarbanes-Oxley and IFRS requirements are outside the scope of enterprise applications, QAD is committed to addressing those that are relevant. QAD is committed to providing the process controls and tools that enable an enterprise to achieve compliance with the applicable accounting, reporting and disclosure requirements.
The QAD response to Corporate Governance compliance requirements encompasses a variety of actions and activities. The combination of analysis, customer interaction, and industry collaboration and development are intended to address the pertinent sections of Sarbanes-Oxley and IFRS compliance.
The QAD provides a combination of evaluation, training, and development including the following:
- QAD Enterprise Applications supports data and process integrity and security, internal control, and reporting.
- QAD products support significantly enhanced data and process integrity and security.
- QAD product development supports enterprise internal control, visibility, data rationalization, shared services, alert management, analytics, and reporting.
- Flexible architecture allows companies to define and set up their own processes to ensure compliance
QAD has developed security and control functionality to meet strict security procedures — those required by internal corporate policies as well as mandated by governing bodies — such as the requirements of the SEC, IFRS, as well as the U.S. Food and Drug Administration (FDA) and other industry regulators..
- Define and enforce security policies on password management
- Define the threshold of failed log-in attempts that will indicate a security violation
- Provide log-in access control and access restrictions to menu functions
- Control password complexity and aging with configurable parameters
- Provide enhanced intrusion detection including the ability to record all or failed log-in attempts
- Control password composition, frequency of change and rules for reuse
- Log all log-in events and lock accounts after a prescribed number of failed attempts
- Meet the requirements of 21 CFR Part 11