Five years on, and cost is still the big issue surrounding Sarbanes-Oxley. Non-compliance with Section 404 spells disaster for companies with massive falls in the value of the stock.

But the corporate cop, the great enforcer of Sarbanes-Oxley has its own problems with material weakness with the Government Accountability Office declaring that the Securities and Exchange Commission has problems with its own internal controls.

For example, the SEC's period-end financial reporting process for recording transactions, maintaining account balances, and preparing financial statements and disclosures, run off computer systems that are not integrated or compatible with its general ledger system. That means manual processing and controls. Which in turn raises questions about the reliability of the data.

"This processing complicates review of the transactions and greatly increases the risk that the transactions are not recorded completely, properly, or consistently, ultimately affecting the reliability of the data presented in the financial statements."

For his part, SEC chairman Christopher Cox has given an undertaking to have it all fixed by the end of next year. "The SEC intends to remediate this material weakness before the end of 2008, and to identify each of the findings and recommendations identified during the audit."

Let's watch this space. In the meantime, Cox can be grateful that there's no market in government agencies. Unlike the situation facing companies that have material weaknesses.