
	Home > Executive guide: Sarbanes-Oxley

Executive Guides:

LICENSING & REPRINTS

Executive guide: Sarbanes-Oxley

26 Sep 2005 | SearchCIO.com

Digg This!

StumbleUpon Toolbar

StumbleUpon

Del.icio.us

Most of the dreaded deadlines have passed. But that doesn't mean the Sarbanes-Oxley Act (SOX) should be off your radar. As you've probably heard before, SOX is not Y2K. The rules are different for year two. So what is the CIO's role in ensuring that the enterprise not only achieves, but also continues optimal SOX compliance? This version of the Executive Guide addresses this question in particular. Claudia Imhoff, a seasoned SOX expert offers some specific advice for IT executives dealing with the regulations in this act. Also included in this guide are links to additional SOX resources from around the Web.

This Executive Guide is part of the SearchCIO Executive Guide series, which is designed to give IT leaders strategic guidance and advice that addresses the management and decision-making aspects of timely topics. For a complete list of topics covered to date visit the Executive Guide section. To be alerted when new Executive Guides are available subscribe to the free monthly e-newsletter, CIO Advisor.

Table of contents

Expert's Corner

NEW! Glossary

Basics and SEC news

NEW! Audit advice

NEW! SOX spending

Research and trends

Sarbanes-Oxley and the CIO

Expert's Corner Return to Table of Contents

Claudia Imhoff

The Sarbanes-Oxley Act (SOX) is one of the most far-reaching legislations to have occurred in the U.S. in a long time. It covers everything from who can sit on a board of directors to penalties for mistreating corporate whistle blowers. Its ultimate goal is to restore investor confidence in the wake of the mammoth scandals rocking the stock markets. Compliance with this new legislation is proving to be very expensive (analysts project more that $5 billion will be spent) and time-consuming. And the act is still being interpreted!

But SOX is more than just financial legislation. Certainly it is concerned with ensuring the validity and transparency in the creation and documentation of information in financial statements, but it also means having the right IT systems in place. Unfortunately, reacting today may leave companies playing catch-up in the future. And there are a lot of technologies and software companies touting their ability to support SOX compliance. What is a CIO to do?

The first step is to assign responsibility to someone or some group in the organization for overseeing SOX compliance. The current thinking on who's responsible for this is that there should be some sort of Compliance "Officer" separate from the CIO. In my opinion, if you create this position, it may indicate that the CIO is not involved and that the other executives can wash their hands of compliance issues. Instead, I would recommend forming a committee consisting of the CIO, CEO and CFO, with the compliance officer reporting to the committee.

For more information on how CIOs can handle SOX compliance, check out this segment of the Executive Guide. It will focus on what is needed from a technological point of view for corporations to reach SOX compliance. The focus will be on the visibility, accountability and better governance of critical financial data and the significant role that IT plays in achieving this.

Dr. Claudia Imhoff is founder and president of Intelligent Solutions Inc. in Boulder, Colo. She is an internationally recognized expert on SOX, analytical CRM, business intelligence and the infrastructure to support these initiatives -- the Corporate Information Factory.

Glossary & basics Return to Table of Contents

NEW! Definition: Compliance (Source: SearchCIO.com, powered by Whatis.com)
NEW! Definition: Sarbanes-Oxley Act (Source: SearchCIO.com, powered by Whatis.com)
NEW! Definition: Chief Compliance Officer (Source: SearchCIO.com, powered by Whatis.com)
NEW! Definition: Security audit (Source: SearchCIO.com, powered by Whatis.com)
NEW! Definition: Audit trail (Source: SearchCIO.com, powered by Whatis.com)
NEW! Definition: Redact (Source: SearchCIO.com, powered by Whatis.com)

Basics and SEC news Return to Table of Contents

NEW! Article: SOX: New rules for year two (Source: SearchCIO.com, 6/15/05)
NEW! Article: SOX: Seven steps to CYA (Source: SearchCIO.com, 6/15/05)
NEW! Article: SMBs triumph: SEC grants SOX extension (Source: SearchSMB.com, 9/22/05)
NEW! Article: Former SEC chair is SOX fan -- with exceptions (Source: SearchCIO.com, 7/21/05)
NEW! Article: Will Cox cure SOX pain? (Source: SearchCIO.com, 6/5/05)
NEW! Article: SEC: 404 budgets filled with waste (Source: SearchCIO.com, 5/31/05)
Article: Seven steps to Sarbanes-Oxley compliance (Source: SearchCIO.com, 11/24/03)
Article: Key points of Sarbanes-Oxley (Source: SearchSecurity.com, 10/6/04)

Audit advice Return to Table of Contents

NEW! Audit Trail: The good, the gotcha and the guesser (Source: CIO Decisions magazine, April 2005)
NEW! Audit Trail: The best tool for reducing risk is teamwork (Source: CIO Decisions magazine, May 2005)
NEW! Audit Trail: Sifting through an audit (Source: CIO Decisions magazine, July 2005)
NEW! Article: Cheat sheet: 10 ways to prep for auditors (Source: SearchCIO.com, 6/29/05)
NEW! Article: Salaries for SOX accountants on the rise (Source: SearchCIO.com, 7/7/05)
NEW! Article: SOX auditor talks CIO accountability, red flags (Source: SearchCIO.com, 11/10/04)
Article: 'Typical' SOX violations (Source: SearchSecurity.com, 10/6/04)

SOX spending Return to Table of Contents

NEW! Article: Spending too much on compliance? IT can cut costs (Source: SearchCIO.com, 8/11/05)
NEW! Article: Survey: Compliance spending soars (Source: SearchCIO.com, 4/27/05)
NEW! Article: Regulations bite into the bottom line -- but for how long? (Source: SearchSecurity.com, 5/31/05)
NEW! Article: Compliance is shaking the money tree for IT (Source: SearchWin2000.com, 03/01/05)
NEW! Article: ISD 2005: SOX compliance costing companies big time (Source: SearchSecurity.com, 5/11/05)
NEW! Executive Guide: Budgeting for compliance (Source: SearchCIO.com, 8/16/05)

Research and trends Return to Table of Contents

NEW! Tip: M&A and compliance: Call ahead for CIOs (Source: SearchCIO.com, 8/17/05)
NEW! Tip: Retrofitting IT for e-checking rules (Source: SearchCIO.com, 7/20/05)
NEW! Article: VoIP and SOX: Tricky recipe for CIOs (Source: SearchCIO.com, 7/21/05)
White paper: IT assessment: The CIO sucker punch in Sarbanes-Oxley (Source: Obian, 9/17/04)
Article: Contract compliance is a Sarbanes-Oxley issue (Source: AMR Research Inc., special to SearchCIO.com, 5/15/04)
Column: Sarbanes-Oxley as an IT-business alignment driver (Source: SearchCIO.com, 9/27/04)
Article: Study: Sarbanes-Oxley 'catalyst' for process management (Source: SearchCIO.com, 1/6/04)
Tip: The real deal with Sarbanes-Oxley: Perspectives for the security manager (Source: SearchSecurity.com, 3/19/04)

Sarbanes-Oxley and the CIO Return to Table of Contents

NEW! Q&A: A Compliance Conversation: PEMCO's Kip Boyle (Source: SearchCIO.com, 6/1/05)
Article: CIOs, others bond over SOX (Source: SearchCIO.com, 7/20/04)
Article: SOX Wars -- CIOs share ideas, fears on Sarbanes-Oxley compliance (Source: SearchCIO.com, 7/21/04)
Q&A: A CIO Conversation: Plexus' Tom Czajkowski (Source: SearchCIO.com, 9/21/04)
Q&A: A CIO Conversation: Microsoft's Ron Markezich (Source: SearchCIO.com, 7/28/04)
Q&A: A CIO Conversation: BMC's Jay Gardner (Source: SearchCIO.com, 9/9/04)
Q&A: A CIO Conversation: Wachovia's Martin Davis (Source: SearchCIO.com, 4/8/04)
Q&A: A CIO Conversation: Sprint's Mike Stout (Source: SearchCIO.com, 3/22/04)
Q&A: A CIO Conversation: Quantum CIO loves challenge, change (Source: SearchCIO.com, 2/12/04)
Q&A: A CIO Conversation: First time CIO opens new doors of communication(Source: SearchCIO.com, 1/14/04)

Compliance Return to Table of Contents

NEW! Special report: Coming to terms with compliance (Source: SearchWin2000.com, 3/1/05)
NEW! Article: Spotlight turns to chief compliance officers (Source: SearchCIO.com, 8/25/05)
NEW! Article: Compliance shouldn't be a primary security driver (Source: SearchSecurity.com, 6/8/05)
Article: Compliance and outsourcing: Oil and water or fine vinaigrette? (Source: Meta Group Inc., special to SearchCIO.com, 5/10/04)
Featured Topic: Compliance guide (Source: SearchCIO.com)
Article: Complicated compliance (Source: Meta Group Inc., special to SearchCIO.com, 3/16/04)
Article: Wachovia compliance chief 'joined at hip' with CIO (Source: SearchCIO.com, 11/25/03)
Article: A holistic approach to compliance (Source: SearchCIO.com, 12/12/03)

More resources Return to Table of Contents

NEW! Full text of the act from the SEC
NEW! SEC spotlight on Sarbanes-Oxley rulemaking and reports
NEW! SOX resource center
NEW! White papers (Source: SearchCIO.com, powered by Bitpipe)
NEW! Compliance and legal concerns resource center
Conference presentation: Paring SOX Down to Size: The Impact of Sarbanes-Oxley on IT Governance
Article: Sarbanes-Oxley reading list (SearchStorage.com, 8/15/03)
White paper: Guide to the Sarbanes-Oxley Act: IT Risks and Controls
Official Web site of Paul S. Sarbanes
Official Web site of Michael G. Oxley
Sarbanes-Oxley.com
Sarbanes-Oxley Act Forum

RESOURCES FROM OUR SPONSOR

Regulatory Compliance Best Practices: Mitigating Information Security and Availability Risks and Achieving Sustainable Compliance

Compliance. Corporate governance. Enterprise risk management. Regardless of company size, industry, or location, these words are an integral part of most business objectives. Learn how a strategic approach to compliance delivers various benefits.

Download this free white paper today to learn more.

Digg This! StumbleUpon Del.icio.us

RELATED CONTENT

Sarbanes-Oxley compliance automation software

IBM releases compliance warehouse for unstructured content

BI users can't wean themselves off Excel

Sarbanes-Oxley compliance: GRC technology vs. spreadsheets

Regulatory compliance

Database activity monitoring helps USEC with SOX compliance

Content management software: Who will leverage semi-structured and unstructured data?

Users wary of Rule 37(f) data retention 'loophole'

Spotlight on regulatory compliance

Financial data management tool eases compliance pain

Security policies: Don't be an army of one

Data management tutorials

Enterprise data integration quiz

Data management videocast library

Data quality and governance management quiz

Regulatory compliance

Change management: Reasons for change resistance

A guide to conceptual data models for IT managers

A guide to enterprise resource planning for IT managers

Learning guide: Customer data integration

Learning guide: SQL Server performance tuning A to Z

Learning guide: Data quality

RELATED GLOSSARY TERMS

Terms from Whatis.com − the technology online dictionary

compliance (SearchDataManagement.com)

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

About Us | Contact Us | For Advertisers | For Business Partners | Site Index | RSS

SEARCH

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.


TechTarget Corporate Web Site \| Media Kits \| Reprints \| Site Map All Rights Reserved, Copyright 2005 - 2008, TechTarget \| Read our Privacy Policy