Sidebar: Guidelines Meld IT Governance, Sarbanes-Oxley Compliance

By Thomas Hoffman

July 14, 2003 12:00 PM ET

Recommended

(4)

Digg

Twitter

Share/Email

Computerworld - Among the tools available to companies grappling with the Sarbanes-Oxley Act are standardized frameworks for IT governance and accounting controls that can be used to link Sarbanes-Oxley documentation activities with corporate IT management procedures.
For instance, the IT Governance Institute and the Information Systems Audit and Control Association, both of which are based in Rolling Meadows, Ill., publish a set of guidelines called Control Objectives for Information and Related Technologies. The six-volume set, known informally as Cobit, contains an IT governance model as well as management guidelines for determining how effectively a company controls IT and improvements that could be made.
The two organizations released a third edition of Cobit in 2000. A majority of the documents are available for free download as an open standard at www.itgovernance.org and www.isaca.org/cobit.htm.
Cobit can serve as an effective bridge between IT governance and Sarbanes-Oxley compliance efforts, said Pamela Fredericks, a senior security consultant at Forsythe Solutions Group Inc. in Skokie, Ill. "If an IT organization follows Cobit, they'll have the documentation to help the CFO comply with [Sarbanes-Oxley]," she said.
Another framework that can be used to improve the quality of financial reporting has been developed by COSO, which is officially known as the Committee of Sponsoring Organizations of the Treadway Commission. The commission is named for James C. Treadway Jr., a former member of the Securities and Exchange Commission and the initial chairman of COSO. All COSO publications are available through the American Institute of Certified Public Accountants, which is based in New York and can be reached online at www.aicpa.org.
COSO's framework focuses on internal accounting controls and is one of the original sources used to create the Cobit guidelines. Companies can apply the accounting tenets set out by COSO to help them achieve Sarbanes-Oxley compliance, Fredericks said.

Recommend Digg Twitter ShareThis

Email Print Send Feedback Reprints

Jump to comments

Legislation/Regulation

Additional Resources

Xerox

Win a color printer!

By using solid ink technology only from Xerox, you could save up to 65% by printing color for the cost of black and white. Enter for a chance to WIN a PhaserTM 8860 network color printer!

Microsoft

Upgrade to Internet Explorer 8 today.

Save time and mitigate security risk. Deploy it now.

Sybase

NEXT-GENERATION MOBILITY PLATFORMS

In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.

Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.