원문정보
초록
영어
The Sarbanes-Oxley (SOX) Act is a United States federal law enacted on July 30, 2002 in response to a number of major corporate and accounting scandals including those affecting Enron, Tyco International, Adelphia, Peregrine Systems and WorldCom. This paper discusses the effects of Sarbanes-Oxley (SOX) Act on corporate information security governance practices. The resultant regulatory intervention forces a company to revisit its internal control structures and asses the nature and scope of its compliance with the law. This paper reviews the implications emerging from the mandatory compliance with Sarbanes-Oxley (SOX) Act. Issues related to IT governance and the general integrity of the enterprise are also identified and discussed. Industry internal control assessment frameworks, such as COSO and COBIT, are reviewed and their usefulness in ensuring compliance evaluated.
목차
1. Introduction
2. Corporate & IT Management
2.1 IT Governance
2.2 Role of Internal Controls
2.3 Internal Control Objectives
2.4 The COSO framework
2.5 COBIT
3. The Sarbanes-Oxley Act
3.1 SOX Titles
3.2 The impact of Sarbanes-Oxley Sections on IT
4. IT controls and the Sarbanes-Oxley Act (SOX)
5. Emergent Issues
6. Key Findings
7. Conclusion
References