Sarbanes-Oxley: Achieving Compliance by Starting with ISO 17799
نویسندگان
چکیده
Compliance with the Sarbanes–Oxley Act of 2002 (SOX) has been hampered by the lack of implementation details. This article argues that IT departments that have implemented ten categories of IT controls provided by the International Standards Organization (ISO 17799) will be well on their way toward SOX compliance. A side-by-side comparison of the 124 control components of the ISO Standard and the published SOX implementation guidelines is provided.
منابع مشابه
Business Process Compliance through Reusable Units of Compliant Processes
Compliance management is essential for ensuring that organizational business processes and supporting information systems are in accordance with a set of prescribed requirements originating from laws, regulations, and various legislative or technical documents such as Sarbanes-Oxley Act or ISO 17799. As the violation of such requirements may lead to significant punishment for an organization, c...
متن کاملCompliance-Appropriate Spreadsheet Testing
Sarbanes–Oxley compliance requirements have forced firms to look at their use of spreadsheets in financial reporting. They are finding that they have many spreadsheets and that testing and other formal development disciplines are rare. The literature on spreadsheet errors has shown that without strong controls, most spreadsheets will have material errors; this means that firms that use uncontro...
متن کاملSarbanes-Oxley, Basel II, and data mining opportunities in compliance systems
New legislative and industry governance directives have sparked development of systems to tackle Information Lifecycle Management, and related compliance automation for regulations including Sarbanes-Oxley, Basel II and ISO 15489 records management. Many of these systems use a “store now, sort later” philosophy, whereas others capture related information in the context of business processes. Un...
متن کاملA Framework for Integrating Sarbanes-Oxley Compliance into the Systems Development Process
The Sarbanes-Oxley Act introduces a new set of requirements into software development. Corporations need to assess their internal control effectiveness for business processes to show compliance with the act. This paper proposes a conceptual framework for integrating SarbanesOxley compliance needs into software development by mapping the activities of an established framework for internal contro...
متن کاملApplying Semantics to Sarbanes Oxley Internal Controls Compliance
The advent of regulatory compliance requirements such as Sarbanes Oxley Act has forced enterprises to set up a process for managing an effective internal controls system. We propose the introduction of a semantic layer in which the process instances are interpreted according to the required compliance controls represented as rules. We analyze in this paper the requirements for the implementatio...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IS Management
دوره 23 شماره
صفحات -
تاریخ انتشار 2006