Introduction
The legislation came into force in 2002 and introduced major changes to the regulation of financial practice and corporate governance.

The Sarbanes-Oxley Act is arranged into eleven titles. As far as compliance is concerned, the most important sections within these are often considered to be 302, 401, 404, 409, 802 and 906. An over-arching public company accounting board was also established by the act, which was introduced amidst a host of publicity.

Sarbanes-Oxley Compliance
Compliance with the legislation need not be a daunting task. Like every other regulatory requirement, it should be addressed methodically, via proper analysis and study.

Also like other regulatory requirements, some sections of the act are more pertinent to compliance than others.

SOX IT controls are typically divided into two areas of concentration:

IT General Controls include:

• Control environment
• Change management
• Source code/document version control procedures
• Software development life cycle standards
• Security policies, standards and processes
• Incident management policies and procedures
• Technical support policies and procedures
• Hardware/software configuration, installation, testing, management standards, policies and procedures
• Disaster recovery/backup and recovery procedures

IT Application Controls include:

• Completeness checks
• Validity checks
• Identification
• Authentication
• Authorization
• Problem management
• Change management
• Input controls

SOX Kit

Includes a whole series of resources intended to help simplify, and set you on the right path.

The Sarbanes-Oxley Compliance Kit includes the following:

• THE SARBANES-OXLEY GUIDE

• A MANAGEMENT PRESENTATION: CORPORATE CERTIFICATION OF FINANCIAL STATEMENTS  

• CORPORATE GOVERNANCE COMPLIANCE ISSUES

• CORPORATE GOVERNANCE COMPLIANCE CHECKLIST

• THE SARBANES-OXLEY AUDIT CHECKLIST

• SARBANES-OXLEY AUDIT COMMITTEE GUIDE

• ADDITIONAL MATERIAL

PURCHASE THE SARBANES-OXLEY COMPLIANCE KIT