College student in need of help 2645
thebatman last edited by
I am a college student working on a presentation over the Sarbanes-Oxley act for my mgt. class. I have done a bit of research on this topic, however I still feel ignorant. I am specifically looking for information on how the act affects the IT department, what changes need to take place, the impact on information systems, and if anyone has first hand experience implementing this act it would be helpful as well. If anyone can help me with this I would really appreciate the help. Even if it is just helpful web-sites I would be greatful.
gmerkl last edited by
As far as I remember the Information Systems Audit and Control Association (isaca.org) published a document about Sarbanes-Oxley and information technology some time ago.
Keep in mind that the Sarbanes-Oxley Act and the regulations of the US Securities and Exchange Commission (SEC) that implement the Sarbanes-Oxley Act only deal with internal control over financial reporting and disclosure controls and procedures (i.e. all information disclosed in annual report, quarterly reports and ad-hoc reports). There are no specific rules concerning IT in the law or in the regulations.
In other words, only controls over IT systems that relate to financial reporting or the reporting of other disclosures that need to be made to the SEC are impacted. In my opinion there is/was a big hype in order to sell new IT systems and IT audits.