Browsing the Web, we’ve found some great articles that are a value to any IT Management professional trying to ‘guage’ the impact of SOX and Section 404 on their company.

What the Sarbanes Oxley Act Means for IT Managers: utilizes real life examples of the ACTs impact in the way IT Departments run.

Document Retention, the IT Manager’s Changing Role: is an excellent resource on things your can adjust today to prepare your future in compliance.

The Real Value in Sarbanes Oxley: Business runs on discovering and creating value. In this month’s Harvard Business Review, the co-authors discuss how smart companies are finding unexpected benefits in Sarbanes-Oxley compliance.

“Our first ITA Compliance Roundtable session was very productive for all involved.  About 40% of the pre-registered showed up for the 8:00 time slot…those that were there represented a wealth of knowledge and expertise in many facets of the IT world.  Thank you for all your input and discussions with our panelists!” - LF. Gibson

 

Here’s a Summary of some of the main topics discussed in response to the 4 “pre-loaded” compliance questions for this season:

What Issues are facing SMB IT Managers today that relate to Corporate Compliance?

• Frank Reidelberger fielded this question to start – and discussion was opened to the group.
• Privacy Issues was a big topic – how it’s effecting their own IT departments, the accountability of the Company, and protection of internal data and Customer Information.
• Corporate Security Today – Where are the Controls that fit into Compliance Management?
• What effort can you department contribute to ‘decoding’ compliance and in the mean time, get more funding?

What IT Management can do to ensure that IT efforts align with corporate objectives?

• Steve MacGill fielded this question to start – and discussion was opened to the group.
• Steve explained how can IT bring their Departmental concerns of IT to the boardroom and get the respect and funding to be Proactive instead of Reactive?
• Ideas were discussed on how IT can be the leader in Supporting – Growing – Transforming any company in the wake of Sarbanes Oxley audits and preparations.

What IT departments are doing to automate their controls and what could they do to improve their processes?

• Lisa DuBrock fielded this question to start – and discussion was opened to the group.
• Automation is the KEY to successful and cost effective compliance management for any company.
• There needs to be a cross discussion between IT and Finance professionals – so controls can be validated, understood, and reworked – to make everything run better.
• It was brought up that IT take a “Portfolio Management” approach to funding their internal efforts to the company.
• Tidbits for fielding requests for IT projects that link with Compliance management– i.e. some projects will:
  • Help run the business
  • Aim to grow the business
  • Have the potential to transform the business
  • SOA?  Integration Issues in the future, to AID in Automation of Compliance? 

What Rights do the IT departments have regarding the SOX audit procedure?

• Sally Smoczynski lead the discussion on the Radian Compliance: Sarbanes Oxley BILL OF RIGHTS (download for free)
• How to empower your IT department to control the scope of the Audit before anyone steps into your domain.
• How to negotiate with the auditor and prep them for your internal workings and controls – for a successful “pass”.

Want Compliance Headaches to End? Maybe Companies Should Stop Cheating…

If you think that the buzz over compliance and corporate scandals is dying down, just check out this week’s headlines. The former CEO of an online home listings company was recently sentenced to 15 years after a jury found him guilty in a scam in which he used fake transactions to boost the company’s advertising sales numbers. Federal investigators have apparently launched an antitrust investigation involving the SRAM (static random access memory) market, which makes chips for mobile phones and other low-power devices. And Oracle has agreed to pay the U.S. government $98 million to settle charges that PeopleSoft provided incorrect pricing information to the General Services Agency and, as a result, was overpaid.