Prepping for IPO: A Real Estate Juggernaut Achieves SOX Compliance Using Jira and Confluence

Overview

Cprime has been working with this company for several years. Specifically, they rely on us to handle:

• Licensing for their Atlassian products
• Managed hosting
• Custom development
• Consultation around Atlassian solutions

As the company began preparing for their IPO, however, we deprioritized all other work so we could focus solely on developing a strategy ensuring the organization could achieve SOX compliance.

In the months preceding the IPO, a lot of internal changes occurred. The CEO resigned, and leadership carried out extensive reorganization and downsizing to bolster a sagging balance sheet. They knew that, with that situation in the recent past, SOX auditors would be especially diligent as soon as the company went public.

So, Cprime Solutions Architect Clayton Chancey — who was previously directly involved in Atlassian consultation and custom development at the company — took on the responsibility of developing their SOX compliance strategy for the Atlassian suite in partnership with leadership and dedicated SOX consultants. He served as Product Owner leading a team of six Atlassian experts, and coordinated custom development work carried out by the Cprime Studios team based in Ukraine.

“Our goal was twofold,” Clayton recalls. “We needed to revamp the setup of one of their core systems — Atlassian Jira — to make it SOX compliant. And, they wanted to actually manage their compliance activities using Jira as their project management solution. So, we needed to help develop the overall compliance strategy and configure Jira and Confluence to support that.”

The Solution

John Lucas, Cprime Solutions Architect explains, “They contacted Cprime to take this on because they already recognized us as the Atlassian experts. It’s commonplace for companies to bring in compliance consultants to provide general guidance — and they did — but they could only offer blanket recommendations for how all apps and systems should function to comply with SOX regulations. They weren’t familiar enough with Jira to offer any practical guidance. We could.”

The Cprime team took a broad view to ensure they set up Jira to accommodate all SOX requirements. Jira will also efficiently manage compliance activities across the organization. So the team needed to creatively consider:

• Onboarding and offboarding
• Access control
• Segregation of duties and approvals
• Reporting and auditability

To accomplish their dual objective, Clayton, John, and the team made Jira a central hub. It could be used to track and coordinate auditable activities across multiple systems. This required custom integration development to connect Jira to various systems including those used by Finance and HR. Internal workflows and custom automation ensure that the activity that occurs within Jira is, itself, compliant. At the same time, activity coordinated with other systems is thoroughly tracked and reportable by means of simple dashboards and automated reports that can be pulled on demand for both internal and external auditing purposes.

Additionally, all the activity occurring within Jira could be tied to a dedicated space on Confluence to facilitate documentation and collaboration while maintaining the proper SOX-compliant access controls so no aspect of the financial reporting data could be compromised.

The Results

The company went public and, soon after, our solutions helped them achieve full SOX compliance. Shortly thereafter, external auditors conducted a thorough investigation and confirmed this designation. Needless to say, this outcome more than satisfied our client.

“Maintaining and validating compliance is always going to be an ongoing process,” Clayton concludes, “so we continue to partner with the client to administrate and optimize the Jira configurations and develop scripts and integrations as needed. But, they did the heavy lifting upfront.

“Cprime’s key differentiator in this project was the well-rounded solution we were able to provide with a particular expertise in the Atlassian solutions that other compliance consultants simply couldn’t match.”

 

Interested in similar results for your organization? Explore our flexible Atlassian custom development solutions.

 

About Cprime

Cprime is an industry-leading, full-service global consulting firm with a focus on providing integrated and innovative solutions around digital transformation, product, cloud, and technology. With over 20 years’ experience, we provide strategic and technical expertise to businesses across more than 50 industries. Our team of advisors and technical experts have the know-how to meet organizations where they are to develop actionable solutions and solve business challenges. We also collaborate with our expansive network of partners to design, deploy, and harmonize technology stacks across organizations. Our mission is to empower visionary business leaders and teams to reimagine the future of work to achieve better outcomes.

Want to share with a colleague? Download the PDF