Title :
SOX Act and IT Security Governance
Author :
Kim, Na-yun ; Robles, Rosslin John ; Cho, Sung-Eon ; Lee, Yang-Seon ; Kim, Tai-Hoon
Author_Institution :
Sch. of Multimedia, Hannam Univ., Daejeon
Abstract :
This paper discusses the effects of the Sarbanes-Oxley (SOX) Act on corporate information security governance practices. The resultant regulatory intervention forces a company to revisit its internal control structures and assess the nature and scope of its compliance with the law. This paper reviews the implications emerging from the mandatory compliance with the Sarbanes-Oxley (SOX) Act. Issues related to IT governance and the general integrity of the enterprise are also identified and discussed. Industry internal control assessment frameworks, such as COSO and COBIT, are reviewed and their usefulness in ensuring compliance evaluated.
Keywords :
DP management; law; security of data; SOX Act; Sarbanes-Oxley Act; industry internal control assessment framework; information IT security governance; law; mandatory compliance; regulatory intervention force; Communication system control; Companies; Control systems; Force control; Government; Information security; Information technology; Law; Legal factors; Multimedia computing;
Conference_Title :
Ubiquitous Multimedia Computing, 2008. UMC '08. International Symposium on
Conference_Location :
Hobart, ACT
Print_ISBN :
978-0-7695-3427-5
DOI :
10.1109/UMC.2008.51