Sarbanes Oxley

1. Gain the support and cooperation of the users and IT professionals

2. Check project management tools for proper usage

3. Perform project reviews at the end of each phase

4. Assess readiness for implementation

5. Present findings to management

Safely retaining and securing data is an important aspect of an effective security strategy. Business demands, increased user requirements and even compliance concerns (i.e., Sarbanes-Oxley) have created a need for a comprehensive Storage Security Policy.

This policy's purpose is to preserve the organization's critical data from damage, disaster, and misuse as well as to ensure fulfillment of compliance requirements, ensure privacy, optimize storage space, reduce the cost of data retention, and ensure that outdated records are properly destroyed. It includes a policy you can customize to meet your needs as well as a risk assessment spreadsheet you can use to judge just how much your organization is at risk by not having this policy in place.

Download Page

Sarbanes Oxley Act of 2002 created because several reasons, below the major reason this list taken from from Wharton Financial Institutions Center, an independently managed site at the Wharton School of the University of Pennsylvania.

The environment triggering corporate scandals

• Take over movement, equity compensation linked executives’ interest to the share price.
• Motivations to meet market expectations among concerns.
• Long term bull market effect (1994-2000),
• Specifically, the reasons for failure of gatekeepers’ e.g. Auditors, lawyers, analyst… in the scandals. (deterrence, bubble)
• Investors` position in that environment is also considered.

Enron Case, as a main model to enlighten the objectives of the SOA the short timeline of Enron’s fall and the comments about the role of participants provided.

• Enron when its stock price was $90 in August 2000, was America’s 7th largest company,
  

Since first time Sarbanes Oxley act enacted, there are many stories about SOX implementation in every company. Both sharing the same story about the happy and the sad part of implementing what so called Risk Control Matrices, IT General Control, and Application Control. Here is seven sign for successful SOX implementation.

1. Number of control implemented is increase
Number of control already implemented is one of the key of successful SOX implementation. During first year of SOX compliance implementation, most of company could not able to implement all control which already designed.

2. Every body happy with the compliances
Usually most of people will refuse new thing, and SOX compliances is one the new thing that people will find difficult to accept. Successful SOX compliances should be able to make every body happy with the policy and procedures that company accepted. Failure dealing with people issue is time bomb for bigger problem tomorrow