- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
The Role of IT Security in Sarbanes-Oxley Compliance
- Abstract
- The Sarbanes-Oxley Public Company Accounting Reform and Investor Protection Act of 2002 requires that the CEOs and CFOs of publicly-held companies certify each annual and quarterly report filed with the Securities and Exchange Commission. This document will summarize the requirements of Sarbanes-Oxley as they apply to IT and define the controls IT must be concerned with in the certification process. This document pertains only to the role of IT and IT security in Sarbanes-Oxley controls compliance; other company departments - accounting, finance, human resources, etc., may be subject to controls not covered herein.