IT Security As Required By Sarbanes-Oxley Term Paper

IT Security As Required By Sarbanes-Oxley - Term Paper ExampleHowever, it is a incident that Sarbox also provides parameters and mechanics for enhancing IT security. Thesis statement The benefits of incorporating the provisions of Sarbanes-Oxley Act of 2002 in IT security far outbalance the short-term gains of non-compliance, since the Act injects organizational transactions with security and confidentiality. II) Brief overview/history of the Sarbanes-Oxley Act The Sarbanes-Oxley Act of 2002 was enacted on July 30th, 2002. Because of the original intention and the mandate of the Act, financial accuracy must be certified by the commission concerned. Because of the provisions of the Same Act, the penalties for financial fraud have been made more severe. Similarly, the Sarbanes-Oxley Act of 2002 strengthened the self-sufficiency of external auditors who analyze and reexamine the accuracy of corporate statements of accounts and also bolstered the oversight function of the board of di rectors. Simon, Smalley, and Schultz (2009) debunk that the Sarbanes-Oxley Act of 2002 comes against the backdrop of serious corporate and accounting scandals such as the Enron, Adelphia, Tyco International, WorldCom and Peregrine Systems Scandals. These scandals had cost investors billions of dollars, pursuance the collapse of the affected companies share prices. These scandals, together with their serious effects weakened public confidence in Americas security markets. The Act comprises 11 sections which range from criminal penalties to additional corporate board responsibilities. The Sarbanes-Oxley Act of 2002 demands that the Securities and sub Commission implements rulings on prerequisites to compliance with the law. III) How the Sarbanes-Oxley Effects & Constraints on Information Technology Security (Industry & Management) Section 404 abidance One of the ways the Sarbanes-Oxley Act of 2002 effects and constraints IT security section 404 compliance is by emphasizing a compr ehensive understanding of intragroup controls, as a set of an enterprises internal procedures, providing reasonable assurances that the enterprise exit meet its target in all the specified areas. This is the case since Section 404 Compliance extends emphasis on not just historical financial reporting, but on internal controls also. Together with the rules spelled out in the SEC, there is a requirement that public companies management should assess and report periodically, on the effectiveness of internal controls on financial reporting. To this effect, it is given that the report that the management hands in must be tended to(p) by statements of evaluations by an external auditor to provide an attestation to the credibility and reliability of the conclusions that the management has made. check to SAI Global (2010), the portfolio that Information Technology Security Section provides also addresses matters beyond Sarbanes-Oxley, to tackle other auditing and good dimensions of int ernal controls and the responsibilities that sundry and all actors dispense, when executing systems of internal controls. Even though the Sarbanes-Oxley Act of 2002 is leaner in scope than internal controls, the Portfolio agrees with the fact of the tremendous impact of the legislation and studies a number of its provisions which might moderations on diverse aspects of internal contr