Sarbanes-Oxley Guide for Finance and Information Technology Professionals, 2nd Edition

ACKNOWLEDGEMENTS.

INTRODUCTION.

PART I: Sarbanes-Oxley For The Finance Professional.

CHAPTER 1: Scope and Assessment of the Act.

Integrity.

Independence.

Proper Oversight.

Accountability.

Strong Internal Controls.

Transparency.

Deterrence.

Corporate Process Management.

CHAPTER 2: Internal Controls.

Components of Internal Control.

Purpose of Internal Control.

Developing an Internal Control System.

CHAPTER 3: Control Environment.

Risk Assessment.

Information and Communication.

Monitoring.

CHAPTER 4: Material Weaknesses.

Specific Internal Controls to Evaluate.

Disclosure Committee.

CHAPTER 5: Implementing Sarbanes-Oxley: What Does Compliance Look Like?

Time Line.

Checklists.

Reporting, Documentation, and Archiving.

Disclosure.

CHAPTER 6: Technology Implications.

Storage Systems.

IT Solutions.

Changes in IT Management.

CHAPTER 7: Sarbanes-Oxley–Related Bodies.

Public Company Accounting Oversight Board.

Committee of Sponsoring Organizations.

Securities and Exchange Commission.

Financial Accounting Standards Board.

CHAPTER 8: Opportunities and Challenges Created by Sarbanes-Oxley.

Opportunities.

Challenges.

CHAPTER 9: Summary for the CFO.

Changes to Corporate Governance.

Catalyst for Improvement.

PART II: Sarbanes-Oxley For The IT Professional.

CHAPTER 10: Impact of Sarbanes-Oxley.

Impact on the Enterprise, the CEO, and the CFO.

Impact of Sarbanes-Oxley on Corporate Management Systems.

Impact of Sarbanes-Oxley on the Technology Infrastructure.

CHAPTER 11: Technologies Affected by Sarbanes-Oxley: From Sarbanes-Oxley to SOCKET.

Separate Vendor Hype from Reality.

Sarbanes-Oxley Compliance as an IT Project.

Perspective on Sarbanes-Oxley Goals.

Steps for Sarbanes-Oxley Compliance.

Sarbanes-Oxley and The SEC.

CHAPTER 12: Enterprise Technology Ecosystem.

Organic IT Architecture.

Ecosystem and Sarbanes-Oxley.

CHAPTER 13: Implementing the SOCKET Methodology.

Species or Components of the Enterprise Technology Ecosystem.

COSO Framework.

SOCKET Technologies.

Transactional Systems: ERP, SCM, CRM.

Analytical and Reporting Systems.

Data Warehousing.

CHAPTER 14: SOCKET and Enterprise Information Management.

Document Management and Sarbanes-Oxley.

Document Security.

Communication and Networking.

CHAPTER 15: The Process.

Introduction to the Process.

Strategic (Top-Down) Approach.

Tactical (Bottom-Up) Approach.

Monitoring the Audit Team.

Implementation Process: Reengineering for Sarbanes-Oxley Compliance.

Beyond Sarbanes-Oxley: From SOCKET to Success Ecosystem.

Conclusions.

APPENDIX A Sarbanes-Oxley Implementation Plan: Developing an Internal Control System for Compliance (Focusing on Sections 302 and 404).

APPENDIX B Project to Process: Making the House a Home.

APPENDIX C Enterprise Project Management and the Sarbanes-Oxley Compliance Project.

APPENDIX D Enterprise Risk Management—Integrated Framework.

APPENDIX E COBIT 3—Executive Summary.

APPENDIX F COBIT 4—Executive Summary.

INDEX.