Essay Available:
Pages:
4 pages/≈1100 words
Sources:
2
Style:
APA
Subject:
Technology
Type:
Essay
Language:
English (U.S.)
Document:
MS Word
Date:
Total cost:
$ 21.6
Topic:
Sarbanes-Oxley and its Effects on IT Managers
Essay Instructions:
please see attachment for instructions
Essay Sample Content Preview:
Sarbanes-Oxley and its effect on IT managers
Student:
Professor:
Course title:
Date:
Sarbanes-Oxley (SOX) and its effect on IT managers
The Sarbanes-Oxley Act basically demands that every corporation which is publicly-held has to develop internal controls as well as procedures for fiscal reporting in order to reduce the likelihood of corporate fraud. Conforming to SOX implies that the whole IT infrastructure including network security, server, IT operations and IT practices, have to be reinforced and configured to both show and maintain constant Sarbanes-Oxley IT compliance in case of an audit (Losub, 2009). The Sarbanes-Oxley Act enacted in the year 2002 basically holds managers responsible for corporate disclosures answerable for their actions. Moreover, this legislation provides IT managers with guidance on what data they should keep. There are a number of things that IT managers would have to do in a different way as soon as Sarbanes-OxleyAct becomes fully implemented and effective. Introducing a new system into an organization's information technology (IT) environment that conforms to the Sarbanes-Oxley Act has to be a process that is planned carefully (Valiquette, 2013).
Over the years, a lot of midsize and small enterprises have not been saving their email communication properly. In essence, these enterprises are usually concerned with being able to reinstate a system that has failed but they never pay attention to retention. Nonetheless, with the new SOX legislation, such companies could be held culpable for deliberately replacing old backups and failing to save them for possible investigations in future (Losub, 2009). Financial data and SOX: Section 302 of SOX on corporate accountability for fiscal reporting necessitates certification of fiscal statements by both the Chief Financial Officer and the Chief Executive Officer. This implies that every future fiscal reporting has to be corroborated carefully and systematically by the management of organizations with more keenness than ever before.Undoubtedly, the IT department that supports fiscal systems would also have to ensure the correctness, as well as precision of these records (Valiquette, 2013).
Email messages as business records: emails messages comprise a mix of both business and personal content;they are actually company documents which have to be well-preserved. The Courts of law would treat email attachments and messages as business records which have to be kept in order to attain regulatory compliance. A lot of large business organizations have a policy on email communication; however, this is not common practice. Valiquette(2013) pointed out that in most instances, an organization gets new Microsoft Exchange server and the end-users are contented with the email capabilities as well as the Outlook calendar. Although messages go in and out, archival process is lacking. Backups are commonly sent or directed to tape, which are overwritten or rotated every week. Nonetheless, in keeping with SOX, if the IT manager overwrites the tapes, then the organization will be deliberately allowing the destruction of possible evidence (Losub, 2009). Depending on the risks of the business, this scenario can turn out to be a malpractice time-bomb. Additionally, a simple back-up of the Information Store with every mailbox in the Exchange server would actually not provide the IT manager all the emails going out or in. As such, the company is at risk whenever end-users delete their messages, particularly if these users are engaged in some sort of...
Student:
Professor:
Course title:
Date:
Sarbanes-Oxley (SOX) and its effect on IT managers
The Sarbanes-Oxley Act basically demands that every corporation which is publicly-held has to develop internal controls as well as procedures for fiscal reporting in order to reduce the likelihood of corporate fraud. Conforming to SOX implies that the whole IT infrastructure including network security, server, IT operations and IT practices, have to be reinforced and configured to both show and maintain constant Sarbanes-Oxley IT compliance in case of an audit (Losub, 2009). The Sarbanes-Oxley Act enacted in the year 2002 basically holds managers responsible for corporate disclosures answerable for their actions. Moreover, this legislation provides IT managers with guidance on what data they should keep. There are a number of things that IT managers would have to do in a different way as soon as Sarbanes-OxleyAct becomes fully implemented and effective. Introducing a new system into an organization's information technology (IT) environment that conforms to the Sarbanes-Oxley Act has to be a process that is planned carefully (Valiquette, 2013).
Over the years, a lot of midsize and small enterprises have not been saving their email communication properly. In essence, these enterprises are usually concerned with being able to reinstate a system that has failed but they never pay attention to retention. Nonetheless, with the new SOX legislation, such companies could be held culpable for deliberately replacing old backups and failing to save them for possible investigations in future (Losub, 2009). Financial data and SOX: Section 302 of SOX on corporate accountability for fiscal reporting necessitates certification of fiscal statements by both the Chief Financial Officer and the Chief Executive Officer. This implies that every future fiscal reporting has to be corroborated carefully and systematically by the management of organizations with more keenness than ever before.Undoubtedly, the IT department that supports fiscal systems would also have to ensure the correctness, as well as precision of these records (Valiquette, 2013).
Email messages as business records: emails messages comprise a mix of both business and personal content;they are actually company documents which have to be well-preserved. The Courts of law would treat email attachments and messages as business records which have to be kept in order to attain regulatory compliance. A lot of large business organizations have a policy on email communication; however, this is not common practice. Valiquette(2013) pointed out that in most instances, an organization gets new Microsoft Exchange server and the end-users are contented with the email capabilities as well as the Outlook calendar. Although messages go in and out, archival process is lacking. Backups are commonly sent or directed to tape, which are overwritten or rotated every week. Nonetheless, in keeping with SOX, if the IT manager overwrites the tapes, then the organization will be deliberately allowing the destruction of possible evidence (Losub, 2009). Depending on the risks of the business, this scenario can turn out to be a malpractice time-bomb. Additionally, a simple back-up of the Information Store with every mailbox in the Exchange server would actually not provide the IT manager all the emails going out or in. As such, the company is at risk whenever end-users delete their messages, particularly if these users are engaged in some sort of...
Get the Whole Paper!
Not exactly what you need?
Do you need a custom essay? Order right now: