Sarbanes-Oxley: What IT managers need to know
Staff
Published: 18 Jan 2005 11:30 GMT
If you work for a public company, chances are there's a Sarbanes Oxley (SOX) project underway. As a manager over a key IT area, you've been recruited to help! If your company is like many others, however, there is a shortage of IT auditing expertise in-house. So what are you going to do?
Your auditors will eagerly email you links to mountains of literature in order to assist you. But that literature is most likely written in Auditese, a language spoken by auditors and mostly incomprehensible. That's where this article comes to your rescue. We've extracted the information you need from the mountain of literature available that will help you create test plans for your company to certify that you have appropriate IT controls in place.
From beginning to end
To begin, let's consider exactly how SOX relates to IT. Perhaps the best analogy developed to date is the following. If the act of financial reporting is like a relay race, with each racer representing a significant business process, then IT supports each business process like the bones support a racer's body structure.
In relay racing, team members must finish their segments of the race completely and accurately in order to make a valid handoff to the next racer. Additionally, each racer is restricted to a specific lane.
Even though a racer could still cross the finish line with a broken leg or injuries to the fingers and hands, achieving optimal performance in the race would be next to impossible because such injuries would have a negative effect on the speed and accuracy of a quick handoff. Running the race to the best of the racer's ability requires healing the injuries. Various short-term remedies, such as first-aid or a leg splint might help. However, only long-term repair will thoroughly heal the leg and allow the racer to run most efficiently.
So the question for IT managers becomes, how healthy are the controls that are built into your infrastructure?
Previous
Did you find this article useful?
230 out of 464 people found this useful
- Share this article:
