ZDNet UK




Compliance Toolkit

Sarbanes-Oxley: What IT managers need to know

Staff

Published: 18 Jan 2005 11:30 GMT


If you work for a public company, chances are there's a Sarbanes-Oxley (SOX) project underway. As a manager of a key IT area, you've been recruited to help! If your company is like many others, however, there is a shortage of IT auditing expertise in-house. So what are you going to do?

Your auditors will eagerly email you links to mountains of literature in order to assist you. But that literature is most likely written in Auditese, a language spoken by auditors and mostly incomprehensible. That's where this article comes to your rescue. We've extracted from that mountain of literature the information you need to create test plans for certifying that your company has appropriate IT controls in place.

From beginning to end
To begin, let's consider exactly how SOX relates to IT. Perhaps the best analogy developed to date is the following. If the act of financial reporting is like a relay race, with each racer representing a significant business process, then IT supports each business process like the bones support a racer's body structure.

In relay racing, team members must finish their segments of the race completely and accurately in order to make a valid handoff to the next racer. Additionally, each racer is restricted to a specific lane.

Even though a racer could still cross the finish line with a broken leg or injuries to the fingers and hands, achieving optimal performance in the race would be next to impossible because such injuries would have a negative effect on the speed and accuracy of a quick handoff. Running the race to the best of the racer's ability requires healing the injuries. Various short-term remedies, such as first aid or a leg splint, might help. However, only long-term repair will thoroughly heal the leg and allow the racer to run most efficiently.

So the question for IT managers becomes, how healthy are the controls that are built into your infrastructure?
