
SOX and Its Effects on IT Security Governance


Submitted By ritchiebohol
Words 3348
Pages 14
International Journal of Smart Home Vol. 3, No. 1, January, 2009

SOX and its effects on IT Security Governance
Rosslin John Robles1, Min-kyu Choi1, Sung-Eon Cho2, Yang-seon Lee2, Tai-hoon Kim
1 School of Multimedia, Hannam University, Daejeon, Korea
2 Dept of Information Communication, Sunchon University, Sunchon, Korea
3 Fumate Inc., Daejeon, Korea
rosslin_john@yahoo.com, secho@sunchon.ac.kr, yslee@fumate.com, taihoonn@empal.com

Abstract
The Sarbanes-Oxley (SOX) Act is a United States federal law enacted on July 30, 2002 in response to a number of major corporate and accounting scandals including those affecting Enron, Tyco International, Adelphia, Peregrine Systems and WorldCom. This paper discusses the effects of the Sarbanes-Oxley (SOX) Act on corporate information security governance practices. The resultant regulatory intervention forces a company to revisit its internal control structures and assess the nature and scope of its compliance with the law. This paper reviews the implications emerging from mandatory compliance with the Sarbanes-Oxley (SOX) Act. Issues related to IT governance and the general integrity of the enterprise are also identified and discussed. Industry internal control assessment frameworks, such as COSO and COBIT, are reviewed and their usefulness in ensuring compliance evaluated.

1. Introduction
Accounting scandals at some of the big corporations like Enron, HealthSouth, Tyco and WorldCom had a devastating impact on investor confidence. Clearly, it was possible to engage in frauds of such magnitude because of the inability of auditors to detect early signs of such possibilities. This paper reviews the impact of legal controls on Information Technology (IT) governance practices, especially in the case of SOX Act. The resultant crisis in the financial markets and massive media coverage of the frauds created a situation where

Similar Documents

Free Essay

Check This Out

...THE EFFECTS OF THE SARBANES-OXLEY ACT AND CANADIAN EQUIVALENT, BILL 198/CSA RULES, ON CANADIAN CROSS-LISTED STOCKS
Ben Amoako-Adu * Financial Services Research Centre School of Business and Economics Wilfrid Laurier University Waterloo, Ontario, Canada N2L 3C5 Telephone: (519)-884-0710 x 2327 Email: bamoako@wlu.ca
Vishaal Baulkaran Financial Services Research Centre School of Business and Economics Wilfrid Laurier University Waterloo, Ontario, Canada N2L 3C5 Telephone: (519)-884-0710 x 2846 Email: baul2810@wlu.ca
* Direct correspondence to the contact author, Ben Amoako-Adu. This research was presented at the 2008 Eastern Finance Conference in Florida and the 2008 Midwest Finance Conference in San Antonio, Texas. We would like to thank the discussants of the paper at the above conferences. An earlier version of this paper was discussed at Wilfrid Laurier Finance Workshop in 2007.
THE EFFECTS OF THE SARBANES-OXLEY ACT AND CANADIAN EQUIVALENT, BILL 198/CSA RULES, ON CANADIAN CROSS-LISTED STOCKS
Abstract
Following the Sarbanes-Oxley Act of 2002 (SOX), Canada subsequently implemented similar SOX-type rules on Canadian firms by enacting Ontario Bill 198 and enforcing several of the Canadian Securities Administrators’ (CSA) rules. This paper tests the impact of the Canadian equivalent, Bill 198/CSA...

Words: 11274 - Pages: 46

Free Essay

The Sarbanes-Oxley Act of 2002

...Theory and Practice 0902 ACCT422 4021 Due: April 29, 2009
Table of Contents
What is the Sarbanes-Oxley Act of 2002?
Why was SOX established?
When did SOX take effect?
What companies were affected and how?
What does SOX compliance require?
Conclusion
References
What is the Sarbanes-Oxley Act of 2002?
The Sarbanes-Oxley Act of 2002 – its official name being “Public Company Accounting Reform and Investor Protection Act of 2002” – is recognized to be the most significant U.S. federal disclosure and corporate governance legislation since the Securities Act of 1933 (the Securities Act) and the Securities Exchange Act of 1934 (the Exchange Act), and, the provisions of the Act are significant enough that it is considered by many to be the most significant change to federal securities laws in the U.S. since the New Deal. It is best understood, however, not as a piece of legislation centered on a new concept of regulation, but as a process which mandated that many major reforms be implemented as soon as possible (in some cases, within 30 days) on the precise schedule specified by Congress. In that sense, the Enron and WorldCom debacles provided the impetus of public outrage that forced into effect some of the most readily available reform proposals for publicly traded companies, many of which had existed for years without sufficient political imperative to be enacted...

Words: 3247 - Pages: 13

Premium Essay

The Impact of the Sarbanes Oxley Act on Corporate Governance

... 082168461 The impact of the Sarbanes-Oxley Act on Corporate Governance and US Companies
An examination to determine the impact of the Sarbanes Oxley Act, the costs and benefits of its implementation and how it has affected Corporate Governance and US Companies.
Table Of Contents
1. Abstract
1.1 Introduction
1.2 Methodology
1.3 Limitations
1.4 Analysis and conclusion
1.5 Further research
2. Literature Review: An Overview of Corporate Governance
2.1 United Kingdom
2.2 Self-regulation prior to SOX
3. Literature Review: The SOX Act
3.1 Enron, the trigger to SOX?

Words: 17258 - Pages: 70

Premium Essay

Fins 3616

...Act 2002
- In the US, corporate governance is determined predominantly by legislation in the form of the Sarbanes-Oxley Act of 2002 ("SOX") and detailed regulations which SOX required the Securities and Exchange Commission ("SEC"), New York Stock Exchange ("NYSE") and NASDAQ to draw up.
- What is The Sarbanes-Oxley Act 2002? It is a U.S. federal law that set new or enhanced standards for all U.S. public company boards, management and public accounting firms.
- It established a series of requirements that affect corporate governance in the U.S. and influenced similar laws in many other countries
- The Sarbanes-Oxley Act of 2002 is mandatory. ALL organizations, large and small, MUST comply
- Historically, Sarbanes-Oxley (SOX) was passed to combat corruption at big public companies like Enron, WorldCom, Tyco, Adelphia, Global TelLink, HealthSouth, and Arthur Andersen. But small and not-for-profit companies are finding they have no choice but to adopt many of the same standards if they want to get insurance, attract investors and donors, and repel lawsuits.
The law has five main objectives:
1) To strengthen the independence of auditing firms.
2) To improve the quality and transparency of financial statements and corporate disclosure.
3) To enhance corporate governance
4) To improve the objectivity of research
5) To strengthen the enforcement of the federal securities laws, including the use of criminal penalties.
Major element in SOX
- A new regulatory agency, Public...

Words: 386 - Pages: 2

Premium Essay

The Scrushy Way

...NORTHCENTRAL UNIVERSITY ASSIGNMENT COVER SHEET Learner: Patrick W. Bass THIS FORM MUST BE COMPLETELY FILLED IN Please Follow These Procedures: If requested by your mentor, use an assignment cover sheet as the first page of the word processor file. The assignment header should include the Learner’s last name, first initial, course code, dash, and assignment number (DoeJXXX0000-1) justified to the left and the page number justified to the right. Keep a Photocopy or Electronic Copy of Your Assignments: You may need to re-submit assignments if your mentor has indicated that you may or must do so. Academic Integrity: All work submitted in each course must be the Learner’s own. This includes all assignments, exams, term papers, and other projects required by the faculty mentor. The known submission of another person’s work represented as that of the Learner’s without properly citing the source of the work will be considered plagiarism and will result in an unsatisfactory grade for the work submitted or for the entire course, and may result in academic dismissal.
MGT7019-8 | Dr. Jennifer Scott | Ethics in Business | Assgn #7
No additional comments at this time.
Faculty Use Only
<Faculty comments here> ...

Words: 1617 - Pages: 7

Premium Essay

A Primer on Sarbanes-Oxley

...according to Sarbanes-Oxley (SOX) as related to ethics and those influenced by decisions from investment management. I assessed the financial and social business practices of different organizations and identified ethical issues within the businesses that impacted internal and external stakeholders. Research revealed issues and activities that should have been resolved voluntarily prior to SOX’s enactment to meet ethical considerations relative to social and financial performance and the organization’s reputation. Recommendations were made based on studies and scholarly articles implicating the best governance practices organizations should adopt to remain compliant with SOX. What is SOX? SOX was established in 2002 as an act to strengthen corporate governance and restore investor confidence. The most important conditional term was to protect investors by improving the accuracy and reliability of corporate disclosures made pursuant to the securities laws and other purposes (Jennings, 2012, p. 212). Provisions under SOX affected organizations’ processes and changed how financial information was released to the public. The act highlights the importance of information system controls by requiring management and auditors to report on the effectiveness of internal controls over the financial reporting component of the organization’s management information systems (Li, Peters, Richardson & Weidenmier Watson, 2012, p. 179). Activities and Issues covered under SOX Many issues and activities...

Words: 1194 - Pages: 5

Premium Essay

Whistleblowing

...the Dodd Frank Act Whistleblowing Measures Effective? Whistleblowing in the Financial Markets: Name: Professor: Course: Date: In the wake of the Global-Financial Crisis there have been various strategies employed to improve corporate governance, but the main question to ask will they work? The expansion of whistleblower bounties under s.992 of the Dodd-Frank Act 2010 (Dodd-Frank Act) has been one such measure. This measure has been identified as significantly controversial, because it is superseding the traditional internal reporting processes (Schuman & Keating, 2011). The Dodd-Frank Amendment Act that was introduced in 2011 was an attempt to mitigate the potential harm that offering bounties to whistleblowers may have; albeit it seems to be side-lined through consultation processes. Thus, the following research will explore if the bounty provisions are a necessary and effective tool to increase supervision within financial institutions. The concept of “Whistleblower” needs to be identified before moving on in this discussion. The concept relates to a company insider reporting to an appropriate body when there are actions that are breaching the law or acting unethically (Kohn, 2011). Thus, whistleblowing and corporate governance are intrinsically linked. The indications are that the use of monetary incentives is not the most effective model to enforce whistleblowing as an effective deterrent, which can be supported by the poor statistical reception under the Federal...

Words: 2617 - Pages: 11

Premium Essay

The Sarbanes-Oxley Act of 2002

...and corporate governance legislation since the Securities Act of 1933 (the Securities Act) and the Securities Exchange Act of 1934 (the Exchange Act). Furthermore, the provisions of the Act are momentous enough that it is considered by many to be the most significant change to the federal securities laws in the U.S. since the New Deal. The Sarbanes-Oxley Act of 2002 The Act & Impact The Sarbanes-Oxley Act of 2002 was signed into law in the wake of corporate financial scandals. Many large companies such as Enron, WorldCom, and Arthur Andersen were affected. The Act provides a solid set of government rules that are aimed to discourage and punish corporate and accounting fraud, as well as corruption. SOX is designed to carry out these tasks by imposing severe penalties for wrongdoing, while protecting the interest of workers and shareholders. The stated purpose to protect investors is maintained by improving the accuracy and reliability of corporate disclosures, imposing strict rules for audits and auditors of publicly traded companies, preventing insider trading and deals, requiring companies to adopt strict internal controls, and increasing the penalties for white collar crimes as they relate to investor fraud. The Sarbanes-Oxley Act of 2002 is often best understood, not as a piece of legislation centered on a new concept of regulation, but as a process which mandated that many major reforms be implemented as soon as possible. SOX became effective...

Words: 1660 - Pages: 7

Premium Essay

Sarbanes Oxley

...The Effects of the Sarbanes-Oxley Act There have been widespread reactions to corporate scandals which have become seemingly common in corporate America. Government reaction to these unethical corporate and accounting scandals has led to regulation and intervention. The Sarbanes-Oxley Act of 2002 is seen as a response to the lack of corporate governance present in many corporations. The Sarbanes-Oxley Act of 2002 is also known as the Public Company Accounting Reform and Investor Protection Act of 2002 and commonly called Sarbanes-Oxley, Sarbox, or SOX. This United States federal law was enacted on July 30, 2002 in response to a number of major corporate and accounting scandals, including those affecting Enron, Tyco International, Adelphia, Peregrine Systems, and WorldCom. The act is administered by the Securities and Exchange Commission. It sets deadlines for compliance and publishes rules on requirements. The Act contains 11 titles; these describe specific mandates and requirements for financial reporting. Moreover, the Sarbanes-Oxley Act introduced major changes to the regulation of financial practice and corporate governance. It is seen as the most important legislation affecting corporate financial reporting enacted in the United States since the 1930s” (Li, 1). It is essential for protecting shareholders and the general public from accounting errors and fraudulent practices in an enterprise. However, with government regulation and intervention one must...

Words: 2870 - Pages: 12

Premium Essay

Corporate Governance

...BUS 341W Writing Assignment 11/14/13 Corporate Governance Introduction A growing body of research shows that maximizing shareholders’ wealth has become the core of corporations; their attitudes and the way they choose to return value to investors become another core question in protecting their own interests. As a result, the key to making a corporation, and even the entire market, prosperous is to protect the investors’ interest. Let’s imagine that the management of a company seeks only its own profit and leaves its investors’ interests at risk of being nibbled away. Is anyone still willing to invest in this company? If every company does so, how can the stock market flourish? Therefore, there should be more emphasis on corporate governance, letting it play an important role in regulating corporations, rebuilding investors’ confidence in the stock market and leading the stock market to prosperity. In Part I, I conclude the arguments of Robert Prentice and Lawrence Mitchell, who are in favor of more regulation, and what their views are on the legislation and regulations, while in Part II I conclude the arguments of Roberta Romano and Stephen Bainbridge, who think more regulations are improper and “quackery”. Part III is a more detailed examination of the different regulations and arguments that I concluded in Part I and Part II. If certain regulations are well executed, it should not only benefit the corporations and their shareholders...

Words: 2409 - Pages: 10

Free Essay

Dell Pre and Post Sox

...investments in the securities market, once perceived as providing generous future returns. There have been several events in our nation’s history that have impacted the lives of many Americans. Recent scandals and related corporate failures have triggered new laws and increased regulation in order to restore confidence in the securities market and to provide reliable and accurate information for investors. The Sarbanes Oxley Act of 2002 was a large stepping stone in that movement and has impacted many public companies. SOX requires public companies registered with the Securities Exchange Commission to evaluate the effectiveness of its internal control over financial reporting and disclose this information in its financial statements. For instance, Dell Inc., a large multinational IT corporation, was one of the many large corporations affected by the implications of SOX. First, Section 404 of SOX requires Dell’s management, under the supervision of the CEO and CFO, to establish and maintain adequate internal control in accordance with the rules defined in the Securities Exchange Act. In addition to establishing the controls, they are also required to evaluate the effectiveness of the controls against the criteria established in the Internal Control-Integrated Framework issued by COSO. Second, Section 409 of SOX requires management to disclose material changes in internal control, and the results or potential effects of those changes. Finally, Section 404 of SOX requires Dell’s...

Words: 1526 - Pages: 7

Free Essay

Sarbanes

...find that the cumulative abnormal return around all legislative events leading to the passage of the Act is significantly negative. The loss in total market value around the most significant rulemaking events amounts to $1.4 trillion. I then examine the private benefits and costs of major provisions of the Act by investigating the cross-sectional variation in market reactions to the rulemaking events. Regression results are consistent with the hypothesis that shareholders consider both the restriction of nonaudit services and the provisions to enhance corporate governance costly to business. The results also show that Section 404 of SOX, which mandates an internal control test, imposes significant costs on firms. 1. Introduction In response to the collapse of a number of high-profile firms since late 2001, Congress passed the Sarbanes-Oxley Act (the Act or SOX hereafter) in July 2002 to enhance corporate governance and thereby restore public confidence. The Act has introduced significant changes in both management’s reporting responsibilities and the scope and nature of the responsibilities...

Words: 28191 - Pages: 113

Premium Essay

Accounting Information Systems Research Paper

...Accounting Information Systems Research Paper Abstract The Sarbanes-Oxley Act of 2002 (SOX) was enacted into law in 2002 in the wake of corporate financial reporting scandals involving large publicly held companies. SOX instituted new strict financial regulations with the intent of improving accounting practices and protecting investors from corporate misconduct. SOX requires corporate executives to vouch for the accuracy of financial statements, and to institute and monitor effective internal controls over financial reporting. The costs of implementing an effective internal control structure are onerous, and SOX inflicts opportunity costs upon an enterprise as executives have become more risk averse due to fears of incrimination. The Public Company Accounting Oversight Board (PCAOB) was created by SOX to oversee the accounting process and dictate independence requirements for auditors and auditing committees. The PCAOB's proposed regulations must be approved by the SEC before they are enacted. Since the passage of SOX, the IT department has become critical in designing and implementing the internal controls in company accounting information systems. The Information Technology Governance Institute (ITGI) created a framework called Control Objectives for Information and Related Technology (COBIT) to provide guidance for companies to implement and monitor IT governance. Accounting Information Systems Research Paper The Sarbanes-Oxley Act of 2002 changed the landscape...

Words: 3250 - Pages: 13

Premium Essay

Accounting

...Sarbanes-Oxley Act of 2002, commonly called SOX, is a United States federal law that was passed in response to a number of major corporate and accounting scandals (veracode.com/solutions/sox-compliance.html, 2011). The act was passed to strengthen corporate governance and restore investor confidence. It was sponsored by US Senator Paul Sarbanes and US Representative Michael Oxley. The act was passed in response to a number of major corporate and accounting scandals, the most popular being Enron, in the United States (audit-is.com/legislation/sox.htm, 2011). As a result of Enron’s scandal and public bankruptcy, Congress passed the act which required all public companies that have business in the United States to have an accounting framework (Nelson & Stanley, 2011). The Sarbanes-Oxley Act made it mandatory for all public companies to contain internal financial auditing controls and to present the results in annual assessments. The results must be reported to the Securities and Exchange Commission (SEC) on an annual basis. Furthermore, the Sarbanes-Oxley Act of 2002 requires all public companies to have an external auditor. The external auditor will audit the company’s internal control reports of management and their financial statements (Baker, Bealing Jr, Nelson & Stanley, 2011). In this paper, I will analyze the new or enhanced standards for all U.S. public company boards, management, and public accounting firms that the SOX required, examine why the new enhanced standards...

Words: 1171 - Pages: 5

Premium Essay

Agency Problem

...Emerging Markets Review 13 (2012) 516–547
Contents lists available at SciVerse ScienceDirect
Emerging Markets Review, journal homepage: www.elsevier.com/locate/emr
Corporate governance, agency problems and international cross-listings: A defense of the bonding hypothesis
G. Andrew Karolyi, Johnson Graduate School of Management, Cornell University, 348 Sage Hall, Ithaca, NY 14853, USA
Article history: Received 30 June 2011; Received in revised form 6 August 2012; Accepted 7 August 2012; Available online 17 August 2012
JEL classification: F30, G15, G32, G38
Keywords: Cross-listing; Stocks; Bonding; International financial markets
Abstract
Why firms from around the world seek to cross-list their shares on overseas exchanges has intrigued scholars during the past two decades. A general dissatisfaction with the conventional wisdom about investment barriers segmenting global investors and how cross-listings overcome those barriers cleared the way for newer wisdom about informational problems and agency conflicts, and how firms could overcome weaknesses in corporate governance by listing on, and thus “bonding” to, overseas markets with stronger regulatory oversight, stringent reporting and disclosure requirements and investor protections. Critics have challenged the viability of the bonding hypothesis, which I answer in this review. © 2012 Elsevier B.V. All rights reserved.
1. Introduction
Cross-listing — also referred...

Words: 26372 - Pages: 106