Introduction
EDP is one of the common aspects of data analysis which is regulated automatically, avoiding human help. According to Iskhakova (2019), electronic data processing systems can capture a lot of similar information and find an insignificant error that does not allow systems to work correctly. EDP is usually used in gadgets that produce mathematical results like computers and calculators. It is crucial to use a reliable method as it stores a lot of important information, and in case of a breakdown, a lot of important information might leak. Consequently, Trinity pays attention to data security and provides users with the same services as other processes in different marketplaces but with increased protection (Schultze, 2011). This technique increases the brand’s awareness, and more people prefer to use it for data analysis. However, to receive a high-quality system, more money should be invested as more testing should be done to ensure security, and professionals in this industry should be interested in the product to continue developing it.
Strength and Weaknesses
The key responsibility of the bottom-up approach is to identify and fill gaps in documentation regarding risk analysis and internal control evaluation as regards financial reporting. The first step is to pay attention to individual elements that work separately and do not have dependencies, and the second step is to regulate linked systems (Schultze, 2011). The key strength of the bottom-up approach is an accurate observation of the working environment and the ability to detect a problem early in its development. This feature helps inform workers and guide them through the documentation process to solve the issue. This approach gives an advantage in identifying risks and finding and forming strategies for their management. Nevertheless, the bottom-up approach has negative sides related to financial issues like the inability to cover testing costs.
Recommendations
It is crucial for Trinity to continue developing their policies and support the existing strategies that allow electronic data processing systems to stay under control. Moreover, to decrease costs and save time, managers might consider switching to a top-down approach which slows down the development process but might make it more efficient (Schaffer et al., 2020). Also, documentation controls might become more structured, and employees can become more motivated to increase efficiency.
Top-down Approaches
While the bottom-up processing approach is oriented toward small details and specific problems related to software systems and risk management, the top-down technique catches massive issues and divides them into smaller ones. The key concern of the bottom-up approach is the inability to understand the broken system’s functionality as the issue is not presented separately from the main process (Schaffer et al., 2020). Consequently, in this case, top-down processing might become more useful, since it concerns internal operational failures.
Compliance Project
Financial losses became the key problem for the SOX compliance project, and it became crucial for accounting managers to adjust the reliable solution and ensure their high-quality testing. Consequently, they have developed a new useful testing center called Accounting Service Center (ASC), controlling daily transactions and testing them for leakages (Schultze, 2011). This coordination was mostly oriented toward the general financial process. Instead of using a bottom-up approach for individual problems, they considered a top-down method to pay attention to linked issues with billing and payroll. To make ASC more efficient for Trinity, it was regulated by a separate provider, but most of the work was connected to the SOX project.
However, sometimes it is impossible to split a big problem into several parts, and it might take more time and resources to solve the issue. Nevertheless, even though it is easier to work with the top-down approach, it works only with languages like C compared to the bottom-up processing, which allows every object-oriented programming language to find the solution. Therefore, the top-down approach is more appropriate for Trinity and it should implement it next year to minimize loss risks. Moreover, compare the efficiency of the software assistance with the use of different strategies and decide which works better by Year 3.
Internal Control Structure
By regulating internal controls, the efficiency of the business can be identified, and financial issues might be solved. The SOX of 2002 has implemented two main acts known as Section 302 and Section 404, which require officers to manage internal controls and ensure the protection of information (Schultze, 2011). The top-down approach allowed us to detect the issues in the financial sector and understand how they affect the whole performance, including other business spheres. Identifying the core and massive problem helped managers establish a stable and structured internal control to improve other related processes. Moreover, the bottom-up approach facilitated solving minor issues like the production of financial reports and the assistance of young specialists towards the main goal.
Chief Insights
The pilot project of the SOX compliance plan gave a clear vision of possible deadlines and the number of works that should be done during the execution. In the early stages of the project in July 2003, two major cooperating firms were chosen, called Highway Safety facility in Lima and the Marine Tank-Barge facility in Madisonville (Schultze, 2011). The manufacturing representatives were chosen quickly, and the pilot plan’s execution began in August 2003 (Schultze, 2011). SOX required its workers to follow the key six aspects of compliance: routine, non-routine transactions, information technology, financial reporting, environment control, and fraud prevention policies. All these spheres are comparable to EDP systems, but such aspects as control of increasing costs are missing in the SOX compliance project plan.
Testing Processes
Trinity has paid a lot of attention to developing testing methods, and they have spent millions of dollars to make these systems accurate. According to Schultze (2011), the company has used both manual and automated testing techniques for internal processes, and it took them approximately four months, from March to July 2004. Several approaches adjusted to the testing were appropriate for the general company’s performance. For instance, some documentation processes had gaps, and it became crucial to fill them to decrease the risk of missed technical problems.
Most Useful
The most useful way of testing for the Trinity company was internal validation testing. It helped close many documentation gaps and improve the quality of internal control. Around 226 insignificant problems were closed by June 2004 (Schultze, 2011). Moreover, the company has adjusted a successful audit testing controlling external companies that work with SOX (Schultze, 2011). This method helped in influencing decision-making more frequently and deciding whether they affect Trinity’s security.
Results and Recommendations
The first year of testing was successful, and even though Trinity has faced several problems in the financial sector, they managed to regulate them by the end of the first year of the project execution. One thousand eight hundred three control activities were tested by June 2004, 284 documentation gaps were detected, and 226 were resolved (Schultze, 2011). Moreover, 2440 issues with SOX maintenance control were tested, and 327 were fixed (Schultze, 2011). Therefore, the presented memo is addressed to the Trinity Company conducted based on their previous reports and will be issued in the current year. Even though the testing process brought many benefits to Trinity, they should consider reducing costs next year as they spent $2.5 million in 2004 to increase the project’s performance (Schultze, 2011). Furthermore, by applying both top-down and bottom-up approaches, the company might understand in what cases they might be more efficient and progressive in testing next years.
SOX Expenses in 2008
To reduce expenses in 2008, Trinity should have looked at their experience in 2007. For instance, 1000 new SOX changes were introduced every six months, but to decrease the expenses, managers could reduce the number of changes and increase control under every new invention (Schultze, 2011). Nevertheless, this method could slow the project’s progress and motivate workers less. Moreover, managers could switch to fully automated testing systems from time-consuming manual processes. This idea has a negative side as some people might lose their jobs.
SOX-Related Expenses: Rank
Four main types of costs are related to Trinity’s project execution. The first and the most significant are direct costs which show the expenses on raw materials like equipment purchases. The second type is indirect costs which are less visible but crucial for project success. These expenses include utilities and renting offices or other social locations. The third cost is intangible, and it is difficult to calculate as new features are introduced. This type might include a lack of customer loyalty and low sales (Khan et al., 2018). The last expenses should be introduced when the previous kinds are managed as they are called competitive costs, showing how one specific testing method can be better than another.
SOX-Related Expenses: Software System
Compared to the SAP system, Oracle has more suitable tools for budgeting and pricing. Moreover, Oracle is a software system that includes all the necessary components of a company’s management, such as customers, resources, and accounting. That differentiates it from systems such as Sage Intacct, which only include accounting tools.
Conclusion
Trinity is based on the Oracle software system, and it remains one of the most beneficial software bases that allows the company to generate profit. According to Schultze (2011), the operations of Oracle and its features saved $5 million a year in SOX project execution. The system stays reliable for Trinity and changing the base might increase the risks of financial losses that are not efficiently regulated in the company and require further support and reduced expenses.
References
Iskhakova, A. (2019). Proceedings of big data streams in intelligent electronic data analysis systems.Advances in Intelligent Systems Research. Web.
Khan, S. Z., Yang, Q., & Waheed, A. (2018). Investment in intangible resources and capabilities spurs sustainable competitive advantage and firm performance.Corporate Social Responsibilities and Environmental Management, 26(2), 285-295. Web.
Schaffer, L. V., Milikin, R. J., & Shortreed, M. R. (2020). Improving proteoform identifications in complex systems through integration of bottom-u and top-down data.Journal of Proteome Research, 19(8), 3510-3517. Web.
Schultze, U. (2011). The SOX compliance journey at Trinity industries. Journal of Informational Technology Teaching Cases, 1, 91-113. Web.