Tuesday, November 02, 2004

Sarbanes-Oxley Act: Steps toward coming into compliance


There's plenty of available advice on how to bring an organization into Sarbanes-Oxley compliance, including the prickly Section 404 that deals with information security. Though that portion of the omnibus law is short in wording, it's big on impact -- both for the company and the IT department -- since it demands a level of documentation that typically hasn't been in place before. IT security processes will come under sharper scrutiny by auditors who don't want to be caught letting a violation slip by, either.

Marc Masnik, senior IT manager for business software maker TIBCO, has some kernels of wisdom to impart on those public companies filing SEC reports after the Nov. 15 deadline. He speaks not just as a consultant for TIBCO clients facing SOX compliance, but as someone whose own company must meet the same stringent requirements just days after the deadline.

See full Article.