Is Your Travel and Entertainment (T&E) Expense Software SOX Compliant?

Sarbanes and Oxley Act of 2002 (SOX or “Sarbox”) has mandated stringent auditing requirements for public companies across America. The Act aims to prevent lax documentation and auditing fiascoes that can (and did) bring down important public corporations, with untold damage to the economy and the shareholder public.

Record keeping and seamless documentation of expenses are at the heart of good SOX compliance. The results are audited by both internal and external auditors. If any “significant” documentation shortcomings cannot be fixed within a matter of months, the corporation might be forced to report it in its annual report, which would of course damage shareholder trust and peril the company’s future.

Since travel and expense is a major source of recurring expenditure for most corporations, it is crucial that a T&E system is in place to insure correct record keeping, policy auditing, expense approving and report generation at all levels within the organization.

Here is a checklist to help you decide whether your T&E software is good enough to satisfy the SOX compliance criteria and help you minimize your legal and tax liabilities:

1) Does your T&E software allow for policy configuration and policy auditing of individual expense reports? This is a key requirement that you should definitely insist on when purchasing your T&E software. Expenses made, reported and approved contrary to or regardless of corporate-, department-, or project-level policies become liabilities during a SOX audit.

The existence of documented (electronically or written) policies is the very first thing a SOX auditor will focus on. But that’s not enough. The same policies should also be enforced electronically through your T&E system; otherwise you have no audibility.

2) Does your T&E software provide security measures so that only the authorized personnel can access the administrator role and configure the corporate T&E policies? If the parameters and limits of such policies can be changed at will by unauthorized personnel, it will certainly put you at risk of having a “significant deficiency.”

3) Can your T&E software itemize the hotel and transportation bills properly? Does it allow the bills to be submitted instantly without delay, no matter where the employee might be in the world? Does it track and account for taxes paid in different tax areas like city, state or province? Does it take into consideration the local currency?

4) Does your T&E software provide Work Breakdown Structure hierarchical reporting capability? This provides the necessary accounting to ensure your costs are managed and billed correctly.

5) Does your T&E software provide a reliable Approval Workflow that can be configured easily by the Administrator? Such workflow capability provides the necessary controls to ensure that travel is approved before your employee or contractors book their travel.

6) Does your T&E software provide a way to capture an image of the expense receipts electronically? Can these images be attached electronically to the expense report itself? Such documentation is indispensable for a corporation. If and when there is an allegation of malpractice or fraud, electronic image records with secure time stamps can be used as evidence in a court of law.

7) How long and how safe the T&E records are kept? Record retention is another important aspect of SOX compliance. Typically, records must be kept for seven years. Is your T&E data backed up regularly? Is it kept safe in a mission-critical data facility? If your T&E data is lost for one reason or another it will not look good in the eyes of the SOX auditors.

Can your T&E software easily generate separate expense reports made available to your CFO and other related departments within the organization? Can the data be exported as Excel sheets, the favorite data format for your finance department? Company officials with easy access to reports will prepare their staff for the SOX audits with the kind of high self-confidence that will show during the review.

9) Does your T&E software have documented process controls in place to ensure highest-level data privacy and consistent report generation? That’s the kind of robust system control that impresses a SOX auditor.

There are a lot of T&E software packages out there but they differ in the way they comply with SOX rules; and more importantly, the way they secure your data.

One new Software as a Service T&E online solution that satisfies almost all of the above conditions is www.web2expense.com. It’s worth to have a look and see if it would meet your SOX-related reporting and documentation needs.

(Copyright-free photo courtesy of Wikipedia.)

SaaS and Unified Communications Revolution

Another important aspect of the Software as a Service (SaaS) model is the way it facilitates and supports the new “Unified Communications” model of inter-corporate collaboration.

The days when the companies used to hide behind the firewalls and did their business mostly through the intranet are coming to a close.

Now the emphasis is on consolidating all modes of communication (from e-mail to webinars) into one easily accessible channel. And given the fact that bandwidth is ceasing to be a determining issue with every passing day, SaaS model emerges as the natural choice of all forward-thinking companies.

Cisco, which has purchased the SaaS pioneer WebEx for $3.2 billion, has joined those investing heavily in new SaaS platforms.

Multi-media software giant Adobe systems also joined Cisco in welcoming the new SaaS era. We’ll see more Adobe products in the days ahead that encourage collaboration over the Internet, thanks to products developed true to the SaaS paradigm.

The Revolution has just begun.

Web2Expense Travel and Entertainment Expense Solution is iPhone Enabled

You have an iPhone?

Good.

That means you are ready to start filing away your travel and expense reports no matter where you are around the world because Web2Expense is 100% iPhone enabled.

Built with a multi-tenant architecture on super-secure IBM Domino platform, Web2Expense is a great SaaS solution that you can use both for your T&E expense reporting and management wherever there is an Internet connection.

What’s more, if you are using our enterprise tool for your individual needs, it’s FREE, as in zilch, nothing, and nada. All you need to do is point your browser (ANY browser) to www.web2expense.com and you are on your way!

We put our iPhone unit through all kinds of tests yesterday at our Ashburn, VA unit test lab.

Result: both the iPhone and our reliable Web2Expense passed the test in flying colors.

Here are some screenshots from our test session:

1) This is how the Home page looks in iPhone. Its sharp. All buttons and links functioning.

2) Details of a Travel Approval Request. In W2E you can send your requests to your designated managers for approval — if you’re using the enterprise version.

3) W2E’s screens are dynamic. They display content-sensitive information appropriate for the fields displayed. Here CALENDARS are displayed immediately when the user touches the DATE fields.

4) Detail from the Expense Report Management module. All administrative management functions work perfectly inside an iPhone.

5) Details from an expense record screen.

6) An W2E exclusive — W2E’s all inclusive features included electronic records management. When you fax in your receipts, they are captured electronically and are attached to your expense report where they can be reviewed and approved by your manager.

7) A W2E page is downloading quickly to the iPhone thanks to the lean code behind our enterprise solution. Quick loading pages means you can finish your reporting in a hurry and spend your precious time on something more pleasant

Report item detail. All airlines are displayed dynamically on the right column when the user touches the Airline Name field.

9) Approval and Payment Status screen. Payment is still waiting for the manager’s approval.

10) Travel Request Management administration screen where a user with admin privileges can configure the admin categories anyway she wants.

Tomorrow’s T&E solution on the go is here! Visit www.web2expense.com today.

SaaS and Physical Data Security

System security is a must. (See this post)

No matter how good an SaaS solution is, if it’s hackable then obviously it’s no good.

But how about the physical security of your data?

Where does the Saas company keep your data?

Have you ever thought about that?

Do they keep your data in a server in the back office, right next to the rest room?

If a storm blows away the office of your company, will you lose all your data and your business?

Those are important questions to ask before signing up with a SaaS solution because you will be entrusting them your valuable and confidential business data.

Our answer to those questions as web2expense.com is simple:

Your data is stored and protected in a military-grade mission-critical super-secure data facility only a mile away from AOL’s World Headquarters in hi-tech Northern Virginia where half of world’s Internet traffic passes from.

This is a hardened nondescript facility that occupies a whole block and it takes many security checkpoints protected not only by human guards but also CCTV cameras, bio-hand-readers and keypads.

All our data servers are kept in locked steel cages, right next to other cages where for example Google’s local servers also keep humming 24 hours a day.

To really appreciate the depth and extent of our physical data security we encourage you to visit this page and read a detailed account of a recent visit our editor has paid to our data center for our clients and readers:

http://www.web2expense.com/w2excms.nsf/$All/3F9BCF96A890958C8525738B0077699C?OpenDocument

We protect your data 24×7 as if it were our own data because your business is our business.

SaaS, Data and System Security

Data security has been considered to be the soft underbelly of the Software as a Service model.

However, the reality, at least the way we implement the SaaS model here at web2expense.com, has been a lot different.

Why?

Because we as Beyond Portals have made security and data privacy our top concern since day number one.

That’s why we have built our enterprise system on the super secure IBM Domino platform.

When our Marketing Director says to steal data from Web2Expense is harder than “to steal gold from Fort Knox,” he is not exactly exaggerating.

First off, we use a lot fewer number of communication ports than a majority of enterprise systems out there. That’s where real security begins.

The more doors and windows you have into a system, the more vulnerabilities you create. That has been the chief architectural weakness of many enterprise systems out there.

Secondly, all our system processes and communications are encoded and tagged with unique hard-to-break URLs and internal identifiers. Those pointers are extremely hard to duplicate randomly. That is another level of security built right into the system.

Thirdly, a visitor needs to enter not only her User ID and Password but her Company ID as well to access any of her data. There are other system security features of Web2Expense that we’ll analyze in our posts.

To sum – yes, security IS an important issue for all online browser-based solutions. We recognize that today and we recognized it back in 2005 when we started to develop our travel and expense solution. That’s why we can offer it proudly today as the solution that will serve all road warriors exceptionally well.

(See this post on physical data security)

Supermarket cases ‘highlight value of Saas’

Click for the full story

A recent case where two large supermarket chains have been ordered to disclose email correspondence has highlighted the need for firms to have efficient and effective email management and archiving systems, it has been suggested. Writing in Vnunet.com, the chief executive of mimecast, Peter Bauer, said the problem of the large amounts of email traffic were highlighted by the demand from the Competition Commission for Asda and Tesco to hand over email records amid allegations of pressure being put on suppliers over prices, with the total of emails concerned possibly being as high as 11 million for Asda alone. Mr Bauer added that Software as a Service (SaaS) was a highly effective tool to help firms deal with holding large quantities of online data.

Goldman Sachs on SaaS: “One of the most important trends in software”

Goldman Sachs has described SOFTWARE-AS-A-SERVICE (SAAS) model as ” one of the most important trends in software at present, and will become pervasive over the next several years,” as reported by Barron’s.

Totally upbeat about the future of SaaS, Goldman Sachs continued: “We expect SaaS to expand the total addressable market for enterprise application software, with growth in SaaS outpacing growth of the overall software market for the next three to five years. “

All other data point in the same direction.

A Gartner Group report published earlier in March said the same thing in a different way:

“SaaS sales soared to $6.3 billion in 2006 and now predicts the market will eclipse the $19 billion threshold by the end of 2011. IDC has similar expectations, pegging annual compound growth of roughly 32 percent for the next four years and total SaaS market of roughly $15 billion by 2011.”

That’s why here at Beyond Portals we have chosen SaaS as our chief development platform. Why look back at outdated paradigms when one can look ahead and ride the rising wave of the future?