Audit
Programs
AuditNet Links
AuditNet Library
Sarbanes-Oxley
Page
AuditNet
Newsletter
Ask
the Auditor
Audit
Jobs
Partner
Discounts
Search the Site
Our
Sponsors
Advertise
Sign
the Guestbook
AuditNet
Home Page
AuditNet® Book Review
The Joy of Sox
Why Sarbanes-Oxley and Service-Oriented Architecture May Be the Best Thing That Ever Happened to You
By Hugh Taylor
Section 404 of the Sarbanes-Oxley Act requires public companies to establish and document internal controls and then attest to their effectiveness. Public companies are spending about $6 billion a year on compliance efforts. This book is directed to general business readers but in particular anyone who is involved in the Sarbanes-Oxley compliance effort. The author uses a case study approach with a fictitious company called DexCo. The book is divided into three parts. Part I looks at DexCo’s compliance options.
Part II examines how DexCo can leverage SOX to change the business and IT management structure. There is extensive coverage on the technological and organizational aspects for achieving compliance. Part III focuses on a practical process for deploying compliance solutions. This includes a methodology for finding areas of the business that are most vulnerable to compliance and operational problems and how to mitigate them through IT and internal controls. The author provides some SOX resources including a Yahoo Group in an appendix however AuditNet is not included. For those auditors involved in a SOX effort this book may provide you with some new ways to approach management to ensure compliance with the “law of the land”. It does not appear that SOX is going to go way so I recommend that you arm your organization with an array of tools to facilitate the compliance effort.
