Sarbanes-Oxley Resources
The Sarbanes-Oxley Act of 2002 (SOX) was designed to restore investor confidence in U.S. public markets in the wake of business scandals and corporate governance failures. SOX has received considerable attention, but relatively little focused on the roles information technology and IT controls play in business management, financial processing, or financial reporting. Reliability, accuracy, and timeliness of financial reporting in most organizations depend heavily on IT as most business controls and virtually all business processes are automated. Further, IT professionals are responsible for the quality and security of information and systems, but most are not familiar with SOX or its requirements for reporting on the reliability of the system of internal control. Internal auditors can play a pivotal role in addressing business controls managed by IT as well as helping to structure the required assessment and assurance processes.

The Institute of Internal Auditors • 247 Maitland Avenue • Altamonte Springs, Florida 32701-4201 USA
+1-407-937-1100 • Fax +1-407-937-1101 • www.theiia.org • Copyright 2008