March 29, 2005
Converting an open society into a closed one: SOX404 at Catapult Communications
One of the aspects of Catapult that I have been most proud of is the culture of openness within the company. We trust our staff and we show this trust by avoiding locks on inventory areas, not monitoring staff usage of email and the internet, and in many other ways, both large and small.
This openness, I believe, is the best protection we have against fraud -- while we cannot, for competitive reasons, share everything we do with the entire world, by keeping everything as open as possible within the company, we make it hard for any small group -- including management -- to hide from informal, but highly effective, internal scrutiny.
SOX404 attestation will change all that. We are being told that we must lock away anything even vaguely associated with financial reporting and record-keeping -- either physically, by lock and key, or electronically, by requiring passwords on items as small as a single cell in a spreadsheet.
The net effect is that Catapult staff will daily get the message that management no longer trusts them, in ways subtle and unsubtle, large and small, here and everywhere. The result will be exactly the opposite of what was intended by SOX404. Things that everyone could see will now be visible only to a select few, making collusion easier rather than harder.
And that is even before we consider the unintended damage this change will do to our hard-fought, highly successful, corporate culture.
Chairman Donaldson, if you really have been listening, you would already have heard our cries, which started the day the first SOX404 consultant crossed our threshold.