Computerworld
Quick Menu
Search



Ads by TechWords

See your link here


Subscribe to our e-mail newsletters
For more info on a specific newsletter, click the title. Details will be displayed in a new window.
Finance
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
More E-Mail Newsletters 
Computerworld 2007Subscribe to Computerworld
40 years of the most authoritative source of news and information for IT leaders.

Have You Been Ignoring Sarbanes-Oxley Because Your Company Isn't Public?

Robert Braun, Jeffer, Mangels, Butler & Marmaro   Today’s Top Stories   or  Other Legislation/Regulation Stories  
 

Sign up to receive Legislation/Regulation Resource Alerts

August 30, 2004 (Computerworld) -- The Sarbanes-Oxley Act of 2002 has been called the most significant new securities law since the Securities and Exchange Commission was created in 1934. Although it's generally known that Sarbanes-Oxley places substantial responsibilities on officers and directors of public companies and imposes very significant criminal penalties on CEOs, CFOs and others who violate various provisions of the act, it's less widely recognized that it will have effects on nonpublic companies as well. Corporations that aren't public today but hope to become publicly owned or to be sold to a public company in the future need to be aware of the basic requirements for operating in compliance with certain requirements of Sarbanes-Oxley, particularly for establishing and following detailed internal controls.
Sarbanes-Oxley doesn't define how a company that is subject to the act must comply with it, largely in recognition that there is no "one size fits all" solution. However, the law does provide enough specificity for companies to formulate compliance strategies, and IT departments will be key to those strategies. Given the complexity of financial and operational record keeping and reporting, as well as the high stakes for noncompliance, the use of automated systems is key. This is particularly important in the application of Section 404 of Sarbanes-Oxley, which mandates that management directly certify the system of internal controls and disclose the framework it is using to assess the effectiveness of the underlying systems, procedures and controls that affect financial information and reporting.
Not for public companies only
Many observers believe that the requirements imposed by Sarbanes-Oxley will be applied to nonpublic companies. This application could come about in a number of ways:

  • Banks and other lenders often require audited financial statements, operational reviews and compliance certificates from their borrowers; the issues that public companies must certify to, particularly regarding the accuracy of systems and financial statements, are just as applicable to lenders as they are to the investing public.

  • Insurers may choose to impose similar requirements as a means of ensuring the accuracy of information of their clients as a means for reducing the frequency and amount of claims, particularly with regard to errors-and-omissions insurance coverage.

  • Sophisticated investors are likely to consider the procedures and requirements imposed by Sarbanes-Oxley to be just as important to their interests as they are to shareholders of public companies, particularly in the case of hedge funds, mutual funds and other investments that get their funds from the public.

All of these factors are likely to make provisions of Sarbanes-Oxley the standard, not only for the public companies at which the law was aimed, but also for other companies that never thought they would be affected by the
Continued...
1 | 2 | 3 | NEXT  



Print this Story Send Us Feedback E-mail this Story Digg! Digg this Story Slashdot this Story
"This is a story that just won't go away. Sarah Palin has been ordered to retain her Yahoo private e-mail..." Read more...
"In an era where the NSA can tap anyone's phone with impunity, is privacy truly dead? Only if you lay..." Read more...
Read more Government & Regulation posts or See all Blogs
'Experimental' security fix is malware, Microsoft says
Tough economic climate can heighten insider threat
Top security suites fail exploit tests
More top stories...
16 e-mail and instant messaging boosters
Microsoft readies first attack forecast
NASA follows Mars successes with plans for $2B super rover
How bad? 'I thought I was going to throw up,' Jennifer Brunner recalls.
Think your project's off track and over budget? Learn a lesson or two from these infamous project flameouts.
In our hands-on testing, the new Xohm WiMax network from Sprint was fast and smooth -- but for now, you have to be in Baltimore to get it.
College student David Kernell allegedly broke into a middle school server eight years ago, according to a former teacher.
Reviews, analyses, how-tos, visual tours, hot issues and predictions about Microsoft's new OS.
Four years from now, the IT field will be a vastly different place. Will you be ready?
All Zones
Application Performance Zone
Business Continuity Zone
The File Data Management Zone
Security Management Zone
The SAS Zone
Business Intelligence and Analytics Zone
Windows Protection Zone
The Enterprise Search Zone
Software as a Service Zone
The Security Zone

Ads by TechWords

See your link here
Computerworld Executive Briefing: The Compliance Era
Get this briefing free (a $195 value), for a limited time, courtesy of VeriSign.
The new Computerworld report, The Compliance Era, explains why regulatory compliance has zoomed to the top of the IT agenda and shows how real-world IT executives are dealing with the storage, security and privacy challenges. Get this briefing free (a $195 value), for a limited time, courtesy of VeriSign.
Download this executive briefing download
From Laggard to Leader: Transforming the Data Center
From Laggard to Leader: Transforming the Data Center
Register for this complimentary webcast today!
Go to the webcast 
Using a High-Performance Network Backbone to Meet the Requirements of the Modern Government Data Center
Download this white paper today!
(Source: Juniper) This informative white paper offers insights into the latest trends, challenges, best practices and leading technologies that drive today's public agency data center network. It also reviews steps for implementing a framework that can mitigate risk and support the modern consolidated data center - efficiently and cost effectively.
Download this white paper go
White Papers
Read up on the latest ideas and technologies from companies that sell hardware, software and services.
LIVEWIRE™: Full-Server Protecting and Recovery in Real-Time
Eliminate Tape Restores with TimeData CDP
Protecting Sharepoint with Double-Take for Windows 5.0
View more whitepapers