THE MAGAZINE
Technofile: IT Security
IT Security Requirements of Sarbanes-Oxley
Section 404 of the Sarbanes-Oxley Act requires companies to include in their annual reports a report of management of the company's internal control over financial reporting. How IT risks and controls are affected is explained in a Q&A format in a new publication from risk-consulting company Protiviti. The 32-page guide describes an overall approach to IT risk and control considerations, from identifying and prioritizing IT tasks to understanding how outsourcing any part of the IT function might affect reporting. It divides the subject into nine sections, including documentation, testing, IT control considerations in relation to business processes, and addressing deficiencies.
@ Link to the Protiviti paper, Guide to the Sarbanes-Oxley Act: IT Risks and Controls, through SM Online.
- Login or register to post comments
- Printer-friendly version
Advertise | Subscribe | Free Product Info | Writer's Guidelines | Reprints & Permissions | Sitemap | RSS
Security Management is the award-winning publication of ASIS International, the preeminent international
organization for security professionals, with more than 37,000 members worldwide.
ASIS International, Inc. Worldwide Headquarters, 1625 Prince Street, Alexandria, Virginia 22314-2818 U.S.A.
703-519-6200 | fax 703-519-6299 | www.asisonline.org
© 2012 Security Management
This site is protected by copyright and trade mark laws under U.S. and International law.
No part of this work may be reproduced without the written permission of Security Management.
Powered by: Phase2 Technology
Comments