Sarbanes-Oxley, or SOX, or sometimes called Sarbox, established new and enhanced accounting and reporting standards for public U.S. companies.
This has led to many new reporting and auditing requirements for application development teams that make software that involve company revenue generation, reporting, customer information and accounting.
Assessment of Internal Control requires companies to prove they have control and accuracy of their financial reporting. Section 404 requires each public company to include in their annual report the following list.
There are two Auditor objectives in the SOX-Audit.
Passing the Audits
Proving that companies have internal controls in place that protect customer information and accurate report financial information are at the heart of the audits.
Development teams that have sound software development process and follow SCM best practices have found that most of these reporting and auditing processes and procedures to already be in place. It is just a matter of running reports and documenting the audit trail
However, some organization's development teams that have little to no processes in place have found these new reporting and auditing requirements to be quite invasive and painful to meet. Not only are they struggling with providing audit reports, they are having to create processes that support the accuracy of these reports.
For many organizations, this is no small feat.
Sarbanes - Oxley Solution
Definition of Information Technology Table of Contents
Definition of Information Technology Definition of Information Technology describes the primary function of Information Technology. Along with the scope of IT Services and Technologies provides to the Information Technology Services Customers.
Cloud Computing Cloud Computing is the use of Internet computer and software technologies to provide a variety of computer services. It is more than virtual servers. It is a way to increase capacity or add capabilities on the fly without investing in new infrastructure, training new personnel, or licensing new software. The name Cloud comes from the common diagram of the Internet as it is often depicted in computer network diagrams.
Disaster Recovery The purpose of this page is to establish a standard for disaster recovery for systems, applications and their configurations.
ITIL ITIL, Information Technology Infrastructure Library, is a set of best practices that support the delivery of Information Technology Services.
ITIL V3 ITIL v3, Information Technology Infrastructure Library, is a set of best practices that support the delivery of Information Technology Services.
Six Sigma Six Sigma seeks to identify and resolve the causes of defects and errors in engineering and business processes. It uses a set of quality management methods, including statistical methods, and creates a special infrastructure of people within the organization who are experts in these methods. Each Six Sigma project carried out within an organization follows a defined sequence of steps and has quantified financial targets.
SOA Strategies SOA Strategies, the importance of IT articulating the value of its technology strategy to corporate decision makers, the correlation between architecture and successful business-driven initiatives such as cloud computing and software as a service, and how to avoid common architecture mistakes.
SOX SOX, Sarbanes Oxley, reporting and testing requirements are mandating formal approvals and reviews of people who have access to application source code.
SOX Source Code SOX Source Code how to maintain a SOX audit for source code control, you must maintain access control and provide an audit trail of access.
SCMWise Software Configuration Management SCMWise is dedicated to SCM. This site is a central repository for the collection of best practices, processes, methodologies and tools that surround SCM.
SCMWise Configuration Spec