Database Reference
In-Depth Information
Cross Industry
Cross Compliance
In this chapter, we change our focus to look more closely at compliance aspects. This
is a discussion of the laws, regulations, and frameworks that an enterprise is subject
to. We will present the law, regulation, or framework and then underline both the
practices and technologies that best help you meet it and confirm that it has been
met. There are different degrees of rigor in different areas of compliance in varying
industries and countries that we will focus on in subsequent chapters. This topic
should begin with a discussion involving both the head of internal audit and chief
legal counsel.
Sarbanes-Oxley
First among equals in the cross industry regulations is Sarbanes-Oxley. The
regulation resulted in real focus on risk management and controls verification.
Section 404 requires the management to state that they confirm the effectiveness
of internal controls, and for auditors to attest that the management's assertion is
well founded. Here we will run through a few key sections of Sarbanes and point
out what area of the technology and applications are most helpful in meeting the
requirement. While the act is clearly passed in the United States, it applies to any
entity that is raising money in the U.S., not just U.S. companies. As such, a very
large portion of the companies in the world are subject to the regulations under
Sarbanes-Oxley.
Search WWH ::




Custom Search