Advertisement
Promo

Compliance Toolkit

Sarbanes-Oxley: What IT managers need to know

Staff

Published: 18 Jan 2005 11:30 GMT

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

If you work for a public company, chances are there's a Sarbanes Oxley (SOX) project underway. As a manager over a key IT area, you've been recruited to help! If your company is like many others, however, there is a shortage of IT auditing expertise in-house. So what are you going to do?

Your auditors will eagerly email you links to mountains of literature in order to assist you. But that literature is most likely written in Auditese, a language spoken by auditors and mostly incomprehensible. That's where this article comes to your rescue. We've extracted the information you need from the mountain of literature available that will help you create test plans for your company to certify that you have appropriate IT controls in place.

From beginning to end
To begin, let's consider exactly how SOX relates to IT. Perhaps the best analogy developed to date is the following. If the act of financial reporting is like a relay race, with each racer representing a significant business process, then IT supports each business process like the bones support a racer's body structure.

In relay racing, team members must finish their segments of the race completely and accurately in order to make a valid handoff to the next racer. Additionally, each racer is restricted to a specific lane.

Even though a racer could still cross the finish line with a broken leg or injuries to the fingers and hands, achieving optimal performance in the race would be next to impossible because such injuries would have a negative effect on the speed and accuracy of a quick handoff. Running the race to the best of the racer's ability requires healing the injuries. Various short-term remedies, such as first-aid or a leg splint might help. However, only long-term repair will thoroughly heal the leg and allow the racer to run most efficiently.

So the question for IT managers becomes, how healthy are the controls that are built into your infrastructure?

Next

Previous

1 2 3 4


  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
231 out of 470 people found this useful


In association with Network Liberation Movement

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Compliance



Related Jobs

Validation Engineer

Business Analyst / Project Manager - eDMS

Configuration and Release Analyst

Video icon

Video

Cloud Watch Special Report

Five cloud computing myths exploded

Five cloud computing myths exploded

Analysis The cloud is providing a fertile habitat for the marketeers and their exaggerated claims. We examine the hokum and debunk the five most frequently peddled misconceptions about the cloud

Photo Inside IBM's only European Cloud Centre

Comment Cloud savings fail to make up for loss of control

More Special Reports

Sentry Posts Blog

Authentication risks all too human

Risks to successful online banking identification and authentication using smartcards involve a mixture of human and technological factors, according to the European Network and Information... More

1 comment

Opera censors Chinese content

Opera has updated the Chinese version of its mobile browser to stop users accessing restricted content. Opera Mini was updated on Friday from an international to a Chinese version,... More

2 comments

Symantec website breached

Security company Symantec has said that one of its websites was successfully breached. Romanian security researcher 'Unu' posted details of the breach in a blog post on Monday. Unu... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters