breaking

Wednesday, April 8, 2009

Certifications for China SOX

Organizations that have undergone external certifications in the past will find it much easier to adopt and adhere to the regulations listed in the Basic Standard for Enterprise Internal Control (China SOX). The operational control rigor required to attain global, industry-specific and other certifications means that the company already has good control over their processes and quality systems.

Examples include the following:

• SAS 70 - auditing standard for service organizations.
• ISO 14000 – environmental management standards to help organizations minimize the environmental impact of their operations
• ISO 9000 – quality system standards and systems
• ISO/IEC 27000 - information security management, risks and controls
• CMM/CMMI - Capability Maturity Model for software development
Six Sigma implementation – for manufacturing and business process defect reduction
• TQM - Total Quality Management process
Sarbanes Oxley – reporting regulation for US-listed companies

Like China SOX, most of these standards require external audit and certification by authorized bodies. In addition, the level of resource required for proper implementation means that these standards and business practices have received high priority and visibility in the organization.