Free Pricing | JCPenney Coupons | Pizza Hut Coupons | Home Depot Coupons
Sarbanes-Oxley compliance improves communication

Sarbanes-Oxley compliance improves communication

by Rick Turoczy on May 11, 2006

You know you are at a conference of IT auditors and security chiefs when attendees are frequently urged in “housekeeping” announcements not to leave laptops unattended. These are people who are paid not to miss a thing, and the conference organizers help keep it that way.

Although Cobit has been around since the early 1990s, the Sarbanes-Oxley Act is pushing new interest in the tool, said users who have implemented it. Cobit is also getting updated: A new version of a Sarb-Ox-specific tool that uses Cobit, the IT Control Objectives for Sarbanes-Oxley, is being finalized by the IT Governance Institute (ITGI), which is also in Rolling Meadows. Public comment is now being accepted on the updated tool, which includes recent U.S. Security and Exchange Commission guidance.

“[Sarb-Ox] is an amorphous document — it says ‘have controls,’ but it doesn’t tell you what controls or how to have them,” said Scott Thomas, an IT security manager at a large food services company he asked not to be named. Cobit has given his company “a nice solid process” to follow, as well as something to show auditors to demonstrate what security controls are in place. Without Cobit, communication between the business and IT is “apples to oranges,” he said.

Sarbanes-Oxley compliance improves communication

Leave a Comment

Previous post:

Next post: