August 30, 2004
IT Controls Critical under Sarbanes- Oxley Section 404
In August 2002, when the Sarbanes-Oxley Act was passed, many companies focused only on the financial statement aspects to controls. To those who understood that complying with the Act meant far more, they began to focus on the systems (IT) that controlled the data and people (HR) who entered/managed the data. An interesting article from computerworld.com highlights the continued and increase focus on this very important topic.
"Sarbanes-Oxley is having a two-pronged affect on IT asset management practices. Under Section 404 of the act, companies are required to attest to the internal controls that are used for financial reporting. These include IT-related controls that firms have in place to effectively track and monitor hardware, plus software used to support financial reporting. Companies are also required under Sarbanes-Oxley to disclose to regulators all material financial exposures they have, including IT equipment leases and licensing agreements, which have to be tracked closely."
See the complete article
For more information on Issues Central Sarbanes-Oxley Compliance Playbook(tm) see www.issuescentral.com
"Sarbanes-Oxley is having a two-pronged affect on IT asset management practices. Under Section 404 of the act, companies are required to attest to the internal controls that are used for financial reporting. These include IT-related controls that firms have in place to effectively track and monitor hardware, plus software used to support financial reporting. Companies are also required under Sarbanes-Oxley to disclose to regulators all material financial exposures they have, including IT equipment leases and licensing agreements, which have to be tracked closely."
See the complete article
For more information on Issues Central Sarbanes-Oxley Compliance Playbook(tm) see www.issuescentral.com
