Sarbanes-Oxley: Achieving Compliance by Starting with ISO 17799

Authors

  • Dwight A. Haworth
  • Leah Rose Pietron
Abstract

Compliance with the Sarbanes–Oxley Act of 2002 (SOX) has been hampered by the lack of implementation details. This article argues that IT departments that have implemented ten categories of IT controls provided by the International Standards Organization (ISO 17799) will be well on their way toward SOX compliance. A side-by-side comparison of the 124 control components of the ISO Standard and the published SOX implementation guidelines is provided.

Similar resources

Business Process Compliance through Reusable Units of Compliant Processes

Compliance management is essential for ensuring that organizational business processes and supporting information systems are in accordance with a set of prescribed requirements originating from laws, regulations, and various legislative or technical documents such as Sarbanes-Oxley Act or ISO 17799. As the violation of such requirements may lead to significant punishment for an organization, c...

Compliance-Appropriate Spreadsheet Testing

Sarbanes–Oxley compliance requirements have forced firms to look at their use of spreadsheets in financial reporting. They are finding that they have many spreadsheets and that testing and other formal development disciplines are rare. The literature on spreadsheet errors has shown that without strong controls, most spreadsheets will have material errors; this means that firms that use uncontro...

Sarbanes-Oxley, Basel II, and data mining opportunities in compliance systems

New legislative and industry governance directives have sparked development of systems to tackle Information Lifecycle Management, and related compliance automation for regulations including Sarbanes-Oxley, Basel II and ISO 15489 records management. Many of these systems use a “store now, sort later” philosophy, whereas others capture related information in the context of business processes. Un...

A Framework for Integrating Sarbanes-Oxley Compliance into the Systems Development Process

The Sarbanes-Oxley Act introduces a new set of requirements into software development. Corporations need to assess their internal control effectiveness for business processes to show compliance with the act. This paper proposes a conceptual framework for integrating Sarbanes-Oxley compliance needs into software development by mapping the activities of an established framework for internal contro...

Applying Semantics to Sarbanes Oxley Internal Controls Compliance

The advent of regulatory compliance requirements such as Sarbanes Oxley Act has forced enterprises to set up a process for managing an effective internal controls system. We propose the introduction of a semantic layer in which the process instances are interpreted according to the required compliance controls represented as rules. We analyze in this paper the requirements for the implementatio...

Journal title:
  • IS Management

Volume 23  Issue 

Pages  -

Publication date 2006