منابع مشابه
Holistic Compliance with Sarbanes-Oxley
The theory underlying US securities laws is that investors are helpless without reliable information [Zelizer, 2002]. When Enron's collapse and other corporate frauds made it clear that "practically every element of our system of safeguards failed until it was too late to repair the damage," Congress reinforced those laws by passing the Sarbanes-Oxley (SARBOX) Act [O'Malley, 2002]. This new law...
متن کاملGuidelines for Compliance with Sarbanes-oxley
Over the past few years, cases of miserable failure in corporate governance have shocked the financial world. Enron and WorldCom are just two examples of how a few people in a position of power can cause unprecedented damage to hundreds of thousands of people, including investors, employees, and retirees. Lessons thus learned created a wave of regulations, the most significant being the Sarba...
متن کاملSarbanes-Oxley Links IT to Corporate Compliance
In the wake of financial frauds and related audit issues, the US Congress passed the Sarbanes-Oxley (SARBOX) Act of 2002. Key to becoming SARBOX compliant are information systems (IS) that satisfy the mandates regarding internal controls, corporate governance, and fraud detection. These legal developments focusing senior management's attention on (1) internal controls are present and functionin...
متن کاملSarbanes-Oxley: Achieving Compliance by Starting with ISO 17799
Compliance with the Sarbanes–Oxley Act of 2002 (SOX) has been hampered by the lack of implementation details. This article argues that IT departments that have implemented ten categories of IT controls provided by the International Standards Organization (ISO 17799) will be well on their way toward SOX compliance. A side-by-side comparison of the 124 control components of the ISO Standard and t...
متن کاملApplying Semantics to Sarbanes Oxley Internal Controls Compliance
The advent of regulatory compliance requirements such as Sarbanes Oxley Act has forced enterprises to set up a process for managing an effective internal controls system. We propose the introduction of a semantic layer in which the process instances are interpreted according to the required compliance controls represented as rules. We analyze in this paper the requirements for the implementatio...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Communications of the Association for Information Systems
سال: 2004
ISSN: 1529-3181
DOI: 10.17705/1cais.01411