Talk:Sarbanes–Oxley Act: Difference between revisions

Should there be material on technical implementation - audits trails etc? Particularly implementation of IV--ENHANCED FINANCIAL DISCLOSURES Sec. 404. Management assessment of internal controls.

The article is quite uncomprehensible as it lacks vital inter-linkage. What are: trades, insiders, blackout periods, COSO? Also other things could be wikified, such as: actuarial services, audit, personal loan, risk assesment. I'm unable to do it as I have no economics background. Also please considers non-American reader that is confused terms common for Americans. -- Forseti 16:01, 3 Dec 2004 (UTC)

Many of these terms have to do with investing on the stock market, but for the IT person who needs to know our responsibilities under the landscape of shifting legislation, to the point that sometimes we feel like we are walking on quicksand, here is a quick overview of the alphabet soup of relevant legislation in the USA. No list can be complete with the speed at which new cyberlaws being passed by the federal government, all 50 states, and local governments. User:AlMac|^(talk) 06:10, 5 January 2006 (UTC)[reply]

Also SOX Implementation, which is a big issue for IT people seems to fall outside the scope of this article making it much weaker and less useful. --Daedelus 22:22, 16 Dec 2004 (UTC)

SOX is a huge topic for accountants and corporate executives, irrespective of the SOX implementation challenge, which turns a lot of IT traditions on their head. User:AlMac|^(talk) 06:06, 5 January 2006 (UTC)[reply]

Hi, this is my first time doing an edit, so please bear with me. I may not be doing this in the right location. But under the http://en.wikipedia.org/wiki/Sarbanes-Oxley_Act entry, if you scroll down to debate, there something that looks suspicious. It says " Smaller companies may be affected by Sarbanes-Oxley if trading with a large company subject to it. In addition to this a large number of them are requiring their smaller suppliers to register with the ISN. "

The problem is, I have never heard of the "ISN" and I did a search on it, and could find only one other entry, also there are no entries located in google anywhere else, plus the webpage goes to some other website, plus it looks like a two year old made the "ISN" webpage on his daddys computer. What I am wondering, is, is it possible that whatever the heck the ISN is, is just a way to get people to "register" and pay a $100+ fee, for nothing. I don't want to get sued so, I won't call it a scam---I have no idea, but shouldn't someone look into this? I'm not even sure how to go about handling it, because they will just come back and add it again. Also, it could be dangerous to give private company information to an unknown website. Could someone please tell me what to do or look into it themselves? Thanks!!!!!!!!!!!!!!!!!!

I am an IT person working at a smaller company that is privately owned, and thus not directly subject to SOX. However, many of our customers are directly covered, our largest vendors are, we have loans from banks under SOX, and tighter regulations. We have international trade. Thus we do business with many enterprises under SOX. They are much more interested in our ISO status, and whether we are ROHS compliant. I never heard of ISN either. There are a ton of companies out there trying to sell services and products to make a company SOX-compliant. This is buyer beware. If you buy one of these solutions, and it not work, it is your corporate executives who go to jail, not the outfit that said their solution would do the job. User:AlMac|^(talk) 06:05, 5 January 2006 (UTC)[reply]

I Wikified a bit, and while doing so, could not find any articles on

• accounting internal controls
• accounting oversight board which was an important part of large corporations, long before SOX
• business practices
• exchange act ... see internal controls
• governance institute ...see IT + SOX 404
• financial disclosure which was critical to stock market investment, long before SOX
• financial report, a concept which has existed in capitalism for at least 100 years, probably much longer.
• Harris Interactive ... see legislative history
• material information, an accounting concept that I first encountered many decades ago.
• operating costs which have applicability in business, far beyond SOX, and also over the life of personal property such as automobiles and personal computers.

There may be other articles with similar meaning that can be linked, in place of the more correct SOX language, such as

• accountancy
• corporate governance

Perhaps there should be a separate main article on SOX implementation, that focuses on what IT people need to know about this. User:AlMac|^(talk) 05:08, 1 February 2006 (UTC) OOps, while I was Wikifying, I found someone had already added Information technology controls. User:AlMac|^(talk) 06:26, 1 February 2006 (UTC)[reply]

Thanks to some folks for resolving some of the above linkage needs, which will help us continue to improve this article. User:AlMac|^(talk) 19:02, 2 February 2006 (UTC)[reply]

I'm British, so feel free to tell me I don't know what I'm talking about, but this article seems to be a bit muddled in places. The following bits give me the most concern:

• The introduction paragraph highlights different features to the 'key provisions' section. And I think we're clever enough to determine our own highlights, without KPMG's help.
• The article is sloppy in how it refers to the Act's provisions. Almost all of the provisions were orders for different federal agencies to take action. So, for example, S302 did not require CEO/CFO to certify internal controls - it required the SEC to introduce rules within 30 days. This may seem like splitting hairs, but it's very important. The implementation of various sections wasn't without controversy - for example nothing in S404(b) gave any indication of the level of work that was going to be required.
• I'd suggest that, in light of the difficulty of the topic, we hive out the more difficult sections to their own articles. For example separate articles on S404, maybe S302/906, etc.
• The overview of PCAOB Auditing Standard 2 does not really belong here - but would be relevant in a S404 page.
• The IT stuff, while interesting in itself, is not really relevant. SOX is first and foremost an accountants' problem, not an IT problem

I'm happy to help with a redraft, if others agree. Nairobiny 11:45, 10 March 2006 (UTC)[reply]

Does the article cited really have all those misspellings? For example:

• "Understandable" where "understandably" was clearly meant?
• "Shoed" where "showed" would be proper.

If not, these should be corrected; otherwise, a [sic] or three might be in order. Robert A West 15:42, 15 Jun 2005 (UTC)