A Framework for Integrating Sarbanes-Oxley Compliance into the Systems Development Process
نویسندگان
چکیده
The Sarbanes-Oxley Act introduces a new set of requirements into software development. Corporations need to assess their internal control effectiveness for business processes to show compliance with the act. This paper proposes a conceptual framework for integrating SarbanesOxley compliance needs into software development by mapping the activities of an established framework for internal controls to the various workflows of the systems development process. Theoretical and practical contributions are discussed and future research directions are explored.
منابع مشابه
Compliance-Appropriate Spreadsheet Testing
Sarbanes–Oxley compliance requirements have forced firms to look at their use of spreadsheets in financial reporting. They are finding that they have many spreadsheets and that testing and other formal development disciplines are rare. The literature on spreadsheet errors has shown that without strong controls, most spreadsheets will have material errors; this means that firms that use uncontro...
متن کاملApplying Semantics to Sarbanes Oxley Internal Controls Compliance
The advent of regulatory compliance requirements such as Sarbanes Oxley Act has forced enterprises to set up a process for managing an effective internal controls system. We propose the introduction of a semantic layer in which the process instances are interpreted according to the required compliance controls represented as rules. We analyze in this paper the requirements for the implementatio...
متن کاملSarbanes-Oxley, Basel II, and data mining opportunities in compliance systems
New legislative and industry governance directives have sparked development of systems to tackle Information Lifecycle Management, and related compliance automation for regulations including Sarbanes-Oxley, Basel II and ISO 15489 records management. Many of these systems use a “store now, sort later” philosophy, whereas others capture related information in the context of business processes. Un...
متن کاملDiffusing Management Information for Legal Compliance: The Role of the IS Organization Within the Sarbanes-Oxley Act
Information systems are vital to successful compliance with Section 404 of the Sarbanes Oxley Act. However, there is little published academic literature which reports systematic studies that explain how IS organizations implement 404. Institutional theory was adopted as the lens through which to examine the experiences of 404 implementation in three global organizations. The methodology for th...
متن کاملThe Impact of the Sarbanes-Oxley Act on IT Project Management: A Case Study
In 2002, the Sarbanes-Oxley Act was passed into law requiring all U.S. based, publicly traded companies to report on the status of their internal controls governing the reporting of financial information. Because of the close relationship between financial reporting and IT, the requirements of the Sarbanes-Oxley (SOX) Act has also greatly impacted IT Governance and the way IT projects are manag...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- CAIS
دوره 20 شماره
صفحات -
تاریخ انتشار 2007