Website logo

A summary of Oxley Sarbanes Act



       

 

 


  
A summary of Oxley Sarbanes Act

 


Home >Sarbanes Oxley >



Nearly every industry has been subject to government and industry regulations dictating how they should conduct their businesses with explicit penalties for those failing to comply.Managing regulatory compliance is no longer business as usual.

New regulations like the Sarbanes Oxley Act of 2002 impose hefty penalties.These new regulations have moved corporate governance, risk and comprehensive corporate compliance to the forefront of corporate boardroom dialogue.

The process of achieving and sustaining Sarbanes Oxley compliance is time consuming and expensive. The process includesestablishing control objectiveswhat do we need to do in order to minimize riskimplementing controlswhat processes and procedures do we need to put in place in order to meet the objectivesand providing proofhow can we prove, such as through audits, on an ongoing basis, that the controls are in place and working.

Who has access to critical data?Who has access to financial systems?

E.g. An employee who is an inventory clerk with access to the inventory ordering systems should not have access to the accounts payable systems where purchase orders are issuedthat would set up a conflict of interest and would pose an unnecessary risk.

Sustaining Sarbanes Oxley compliance is time consuming and expensive.

Many companies delayed or even cancelled important IT projects in favor of compliance projects.

A user should have only those permissions required to do his job.

Employees who resign or are fired must have their accounts deleteddeprovisionedimmediately.

An IT staffer who writes code for a given system must not also be an administrator of that system

Sun Microsystems produce mand Oxley Sarbanes compliant products.

IT must provide assurance that mission critical software applications are not exposed to potential failure due to human error, staff turnover or sabotage

Identity management software provides a complete and centralized view of access privileges .

An identity based approach to Sarbanes Oxley compliance moves a company from relying on manual, fragmented processes to maintaining a continuous, optimized state of compliance.

 

  

 

 

 

      
       
Go back to the ..
Sarbanes Oxley
section page.		      
       

- -
-
-
-
-
-
-
-
-
-
-

To return to the main index press home at the bottom of the page.

-

Home Page Back to top