• FAQs
• Articles
• Tutorials
• Web Tools
• Reference
• Blog
• Proxy
• Software
• Cell Phones

• IT Management FAQs
• What is service management?
• What is ITIL?
• What is ITSM?
• What is Change Management?
• What is Six Sigma?
• What is DMADV?
• What is DMAIC?
• What is SAS 70?
• What is BS7799?
• What is HIPAA?
• What is Sarbanes-Oxley?
• What is the cost of implementation for Sarbanes-Oxley?
• What is FISMA?
• What is MTBF?
• What is MTTR?
• What is ERP?
• What is CRM software?
• What is Digital Asset Management?
• What is document management?
• What is a document management system?
• What is business intelligence?
• What is a decision support system?
• What are POS systems?
• What is an application service provider?
• What is distributed computing?
• What is e-learning?
• How can business reduce IT costs?
• What are the current top IT security threats?
• What is OLAP?
• What is Groupware?
• What is SaaS?
• Main Menu
• » Networking
• » Physical Layer
• » Data Link Layer
• » Network Layer
• » Network Security
• » Wireless Networks
• » VoIP
• » Telephony
• » Mobile Telephony
• » Electronics
• » Radio
• » Television
• » Cryptology
• » Passwords
• » Smart Cards
• » Privacy
• » Malware
• » Vulnerabilities
• » Unix
• » Macintosh
• » Microsoft Windows
• » The Web
• » Web Publishing
• » E-mail
• » Instant Messaging
• » Databases
• » Computer Hardware
• » CPU's
• » Memory
• » Storage
• » Video
• » Audio
• » Multimedia
• » Satellite
• » Java
• » IT Management
• » Science
• » Miscellaneous

What is Sarbanes-Oxley?

The Sarbanes-Oxley Act was signed into law on July 30, 2002 by President Bush, and was approved by the House by a vote of 423-3 and by the Senate 99-0. Sarbanes-Oxley is considered the most significant change to federal securities laws in the United States since the New Deal. Officially titled the Public Company Accounting Reform and Investor Protection Act of 2002, and commonly called SOX and Sarbox, it was named after sponsors Senator Paul Sarbanes (D-MD) and Representative Michael G. Oxley (R-OH) and came as result of a series of corporate financial scandals.

The Sarbanes-Oxley Act is designed to review dated legislative audit requirements to protect investors by improving the accuracy and reliability of corporate disclosures, covering issues such as establishing a public company accounting oversight board, corporate responsibility, auditor independence, and enhanced financial disclosure. The act's major provisions mention that we can name the prohibition on insider trades during pension fund blackout periods, the certification of financial reports by CEOs and CFOs, the public reporting of CEO and CFO compensation and profits, accelerated reporting of trades by insiders, and ban personal loans to any Executive Officer and Director. Basically, the act requires full disclosure on just about everything.

Sarbanes-Oxley requires additional disclosure as well as criminal and civil penalties for securities violations and significantly longer jail sentences and larger fines for corporate executives who knowingly and willfully misstate financial statements. The act also notes the prohibition on audit firms providing extra "value-added" services to their clients, including actuarial services, legal and extra services such as consulting or unrelated to their audit work. The Sarbanes Oxley Act also requires that publicly traded companies furnish independent annual audit reports on the existence and condition of internal controls as they relate to financial reporting.

Other provisions included mention that US companies are now obliged to have an internal audit function, which must be certified by external auditors. The act also grants auditor independence, including outright bans on certain types of work and pre-certification by the company's Audit Committee of all other non-audit work. The Sarbanes-Oxley Act list also requires that information on how significant transactions are initiated, authorized, supported, processed, and reported must be disclosed if this information is requested at any time.

Sarbanes-Oxley allows enough information about the flow of transactions to identify where material misstatements due to error or fraud could occur. There is also information and other implementations and controls designed to prevent or detect fraud, including who performs the controls and the regulated segregation of duties. This act also states how the period-end financial reporting process and controls over safeguarding of assets, reporting the results of management's testing and evaluation must be handled.

The future of The Sarbanes-Oxley Act will depend on businesses' ability to respond to those areas already mentioned by making it a part of every-day business. Deloitte and Touche LLP has released a new publication called "Under Control" where some points on this matter are exposed, such as education and training to reinforce the control environment, clearly articulated roles and responsibilities and assigned accountability, effective and efficient processes for evaluating testing, remediating, monitoring, and reporting on controls, technology to enable compliance, adaptability and flexibility to respond to organizational and regulatory change, and integrated financial and internal control processes. It's clear that the act may need refining in the future, but presently it serves as a protection to investors against those that do not or mistakenly fail to report accurately.

Books on Sarbanes-Oxley

What is Sarbanes-Oxley?	No law in recent memory has caused more confusion and apprehension in corporate America than the Sarbanes-Oxley Act (SOA). What Is Sarbanes-Oxley? is a concise, comprehensive overview of the act, filled with plain-English explanations of the vital details employees at every level must know and understand to help their firms achieve and maintain SOA compliance. Summarizing the text of the law for ease of understanding and reference, this vital addition to McGraw-Hill's What Is . . . ? series provides readers with: Guidelines for ensuring that a company's policies, procedures, systems, and controls are SOA compliant Management certification responsibilities and noncompliance penalties­­under hot-button Sections 302, 404, and 906 Techniques for modifying existing control systems and programs to meet new SOA specifications.
Manager's Guide to the Sarbanes-Oxley Act : Improving Internal Controls to Prevent Fraud	In a recent survey, Ernst & Young commented that, while large companies are spending millions of dollars to comply with the Sarbanes-Oxley Act, mid-sized and small companies are "stuck like deer in the headlights." Written especially for managers at such companies, Manager's Guide to the Sarbanes-Oxley Act lays out how they can assess and monitor their companies' internal control structures. Using numerous case studies and vignettes, the book explains Sarbanes-Oxley and how it affects managers. Clearly written and practical, Manager's Guide to the Sarbanes-Oxley Act is essential reading for managers, CEOs, CFOs, and auditors.
How to Comply with Sarbanes-Oxley Section 404 : Assessing the Effectiveness of Internal Control	Designed specifically for Sarbanes-Oxley Section 404 compliance, How to Comply with Sarbanes-Oxley Section 404 features: A step-by-step approach to engagement performance Original material from a leading expert in auditing and accounting Practice aids, including forms, checklists, illustrations, diagrams, and tables In-depth explanations to help professionals understand how best to approach the internal control engagement Examples and action plans providing blueprints for implementing requirements of the Act

Free White Papers on IT Management

Bookmark What is Sarbanes-Oxley?

Latest Blog Posts

• Acai Berry Spam via MSN

• Obama Seeks Power to Shut Down the Internet

• Help Beta Test Tech-FAQ 2.0!

• Windows 7 Forum

• Boston College: Ability to Use a Command Line is a Sign of Criminal Activity

• Google Hacked?

• Recycle your old phone – Make some money, and save the environment too!

• SourceForge vs. Freshmeat

• Fastest Web Browser: Google Chrome

• New Webmaster Forum