Sarbanes-Oxley Act - Key Information
The following links pertain to the Sarbanes-Oxley Act of 2002 based on research. I updated an older posting with more current links, as I'll need this for a key project at work next week. These links provide information on SOX regulations and their impact on IT and security reporting concerns.
The Sarbanes-Oxley Act was signed into law on 30th July 2002, and introduced highly significant legislative changes to financial practice and corporate governance regulation. It introduced stringent new rules with the stated objective: "to protect investors by improving the accuracy and reliability of corporate disclosures made pursuant to the securities laws".
Sarbanes-Oxley Act - General Information
Sarbanes-Oxley - Key Links
http://www.sarbanes-oxley.com/
http://www.pcaob.com/standards.php
http://www.soxtoolkit.com/
http://www.entrust.com/governance/sox.htm
http://www.auditnet.org/sarbox.htm
http://www.sarbanes-oxley-101.com/
Sarbanes-Oxley - Free Forums
http://www.sarbanes-oxley-forum.com/
Sarbanes-Oxley - Full Text of Law
http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=107_cong_bills&docid=f:h3763enr.txt.pdf
Sarbanes-Oxley - AICPA links & Summary
http://www.aicpa.org/sarbanes/index.asp
http://www.aicpa.org/info/sarbanes_oxley_summary.htm
http://www.sarbanes-oxley-101.com/sarbanes-oxley-TOC.htm
Sarbanes-Oxley - Key Compliance Sections
http://www.sarbanes-oxley-101.com/sarbanes-oxley-compliance.htm
http://www.sarbanes-oxley-101.com/sarbanes-oxley-faq.htm
http://www.sarbanes-oxley-101.com/SOX-302.htm
http://www.sarbanes-oxley-101.com/SOX-404.htm
http://www.sarbanes-oxley-101.com/SOX-409.htm
http://www.sarbanes-oxley-101.com/SOX-902.htm
Information Technology - Critical Success Factors
Using IT successfully to comply with Section 404 means integrating IT into your Sarbanes-Oxley program by:
1. Making IT an active participant in the company's program management office for Sarbanes-Oxley compliance;
2. Organizing IT resources and establishing an IT internal control program;
3. Providing IT representation on the steering committee;
4. Identifying, documenting and evaluating IT-related COSO requirements, IT processes and application controls;
5. Application Controls: data validation, e-checks and output reconciliations, segregation of duties, protection of sensitive data;
6. General Application Controls: application development, testing, change control, database management, and application level security;
7. General Computer Controls: hardware/software configuration and management, performance and capacity management, security, data center operations, database administration;
8. Employing Best Practices: tools, approaches and internal control specialists as required.
SOX Information Technology - Key Links
http://www.cioinsight.com/article2/0,3959,1217378,00.asp
http://www2.cio.com/analyst/report2271.html
http://www.eweek.com/article2/0,4149,1527933,00.asp
http://www.nwfusion.com/news/2004/0730pwc.html