Sox First

Designing good systems for internal controls under Sarbanes-Oxley Section 404 has been compared to "finding a needle in a stack of needles".

Hugh Taylor, vice president of marketing at SOA Software , says that because information technology systems are critical in all significant internal controls, the big challenge is sorting out the good needles from the bad.

Good systems also give the forensic accountants the necessary tools to spot trouble. Taylor warns against software packages that claim to be "SOX compliant", as if there were some official certification system. He also makes the point that real compliance requires different parts of the organisation – IT, accounting and business managers – working together to develop an integrated framework.

With that in mind, it's encouraging to note the growing number of CIOs with more strategic clout now sitting on company management committees and reporting directly to their CEOs.

• SOX: A Work In Progress
• SOX: pain and gain
• SOX unwound
• Compliance costs down but more work to be done
• SEC's Cox says SOX should be fixed, not wiped
• Section 404: linking it to strategy
• Can SOX compliance work?
• Straightfromthedoc: Painless needles
• No reduction in Section 404 controls
• SOX spending for 2006
• The Section 404 Effect
• SOX compliance: time's up for small companies