Title :
A Preliminary Investigation of the Impact of the Sarbanes-Oxley Act on Information Security
Author :
Spears, Janine L. ; Cole, Robert J.
Author_Institution :
Pennsylvania State University
Abstract :
This paper examines the information security implications of the Sarbanes-Oxley (SOX) Act of 2002. It is well-established in the information systems field that managers do not rank security as a high priority, an attitude that is believed to result in low levels of information system protection. We consider whether information security benefits are likely to result from compliance efforts associated with SOX. A qualitative analysis consisting of semi-structured interviews, participant observation, and document analysis was conducted to address this question. Based on the results of this investigation, a framework was developed which integrates several factors associated with SOX compliance and demonstrates that firms are likely to reap information security benefits as a result of SOX compliance efforts.
Keywords :
Data security; Financial management; Information security; Information systems; Investments; Legislation; Management information systems; Privacy; Protection; Resource management;
Conference_Titel :
System Sciences, 2006. HICSS '06. Proceedings of the 39th Annual Hawaii International Conference on
Print_ISBN :
0-7695-2507-5
DOI :
10.1109/HICSS.2006.24
