Computerworld - Imagine asking 40 CIOs in six cities what their biggest worries are these days. I'd expect to hear about freeze-dried IT budgets, unfinished projects, sinking staff morale or loss of corporate confidence.
I'd be way off base.
What I never would have guessed was the Sarbanes-Oxley Act of 2002, that Loch Ness monster of new financial reporting and disclosure requirements enacted by Congress in the aftermath of Enron and a string of other corporate scandals. Nobody quite knows how far-reaching its impact on IT infrastructures will be, but ignorance is the opposite of bliss here.
"The CIOs feel blindsided by this," says Cathy Hotka, principal of Cathy Hotka & Associates and former VP of IT at the National Retail Federation. In a recent series of CIO roundtables she moderated, Hotka was surprised to find SOX (as the finance types call the act) a topic of so much consternation among senior IT execs. "They know the CFOs have it on their radar screens, and they don't like that feeling. Nobody has a handle on this yet," she says.
Sarbanes-Oxley is reverberating throughout IT management like an eerie echo of Y2k, with compliance deadlines looming and businesses feeling threatened and uncertain about the extent of the potential damage (that is, legal trouble) if changes aren't made. As one of Hotka's CIO dinner guests observed, "I could end up spending $1 million to fix a $100,000 problem!"
"There's a tremendous amount of confusion" about what IT should be doing to ensure compliance with Sarbanes-Oxley, says John Hagerty, an analyst at AMR Research Inc. in Boston. A recent AMR poll of 60 companies found that while 85% are anticipating changes in system and application infrastructures, an equally whopping 80% are unsure of what the changes will be.
In light of all this free-floating anxiety, last week's news that the Securities and Exchange Commission had extended the deadline for Sarbanes-Oxley compliance another nine months (to June 2004) might seem like a welcome relief.
But senior IT managers should be using this gift of time to get their information engines in gear -- not to relax.
Step 1: Dive in and do some research. Online in our IT Management Knowledge Center, we've compiled a special topics page with all of our ongoing coverage of Sarbanes-Oxley and additional links to sister publication CIO magazine's recent series on legislative issues. We'll keep adding resources to that page, so let us know what kind of additional information you need. If you search on Google for "Sarbanes-Oxley and CIOs," you'll get more than 700 hits. Many are worth
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Future Focus: What's Coming in Enterprise Mobility Management (EMM) Find out why Enterprise Mobility Management (EMM) solutions that are truly future-ready must be designed to enable Machine-to-Machine (M2M) capabilities and much more.
- The CIO's Guide to Enterprise Mobility Management (EMM) This guide will help those making an EMM platform decision make the best choice for their organization.
- Yankee Group: BlackBerry Results Refute Rumors of its Demise Yankee Group: BlackBerry® is stronger than the press makes it out to be.
- Your New EMM Platform: How to Streamline the Migration Smartphone migration can be resource-intensive and challenging. Find out how outsourcing the process can save significant time and money.
- Live Webcast Increasing the Value of Your Reports and Dashboards Learn how incorporating other analytical capabilities such as predictive modeling and visualization can increase the value of your reports and dashboards by providing...
- Testimonial: Cystic Fibrosis Trust Peter Hawkins, the Head of IT for Cystic Fibrosis Trust, discusses the role CommVault's Simpana software platform plays in improving the company's information...
- Increasing the Value of Your Reports and Dashboards Learn how incorporating other analytical capabilities such as predictive modeling and visualization can increase the value of your reports and dashboards by providing... All Management White Papers | Webcasts