Definition of Sarbanes Oxley

The Sarbanes Oxley Act is a set of rules put together by the US government in an effort to improve a company's audit. These rules came about primarily due to the many corporate scandals that plagued the US not too long ago including some very high-profile cases such as Enron.

Initially, Sarbanes Oxley was viewed as a finance issue, but it soon became apparent that IT systems were so integral to the storage and retrieval of financial data, that much of the burden for compliance shifted to the IT department. To make matters worse, companies found that instructions were vague and definitions of compliance could differ between companies.

The July 1, 2005 issue of CIO Magazine identified these items as the top 5 IT control weaknesses as reported by auditors:

  1. Failure to segregate duties within applications, and failure to set up new accounts and terminate old ones in a timely manner.
  2. Lack of proper oversight for making application changes.
  3. Inadequate review of audit logs.
  4. Failure to identify abnormal transactions in a timely manner.
  5. Lack of understanding of key system configurations.

Other Definitions

1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 4.00 out of 5)

Leave a Reply

Your email address will not be published. Required fields are marked *

Notify me of followup comments via e-mail.