The deadline for public companies to comply with Section 404 of the Sarbanes-Oxley Act (SOX) is November 15. Many IT pros, however, are still looking for answers to their compliance questions and have a need to know what SOX means to their organization. Below are a number of invaluable resources to use in finding those answers.
TechRepublic has published several articles over the past year that address compliance issues specifically. Here are a few:
Steve Kenniston, Senior Strategist, Connected Corporation, wrote "IT faces regulatory requirements for electronic communications archiving", a look at the regulatory landscape. He gives tips on how to build the foundation for e-mail-related regulatory compliance.
Don't forget about your peers!
If you have a compliance problem that is really tripping you up, post a question in TechRepublic's Technical Q&A. Click here to submit a question or just to see what others are wondering about.
Ruby Bayan's article, "Get IT Done: IT pros must stay in compliance with e-mail retention laws", is based on an interview with an internationally recognized authority on the legal, compliance, and policy issues of information technology, electronic records, and information management. She includes some recommended providers if you decide to buy rather than build your records/information management solutions.
In "Document retention: The IT manager's changing role", Karen Ann Kidd covers the steps you need to take to bring your company into compliance, including benefits analysis, determining what needs to be archived, and setting up a solid team.
Another article from Kidd, "Businesses hope software can help them meet reporting requirements of the Patriot Act", explains how one provision of the U.S. Patriot Act requires financial services companies to develop improved capabilities to identify customers and flag suspicious transactions. New software offerings may help enterprises stay in compliance. Be sure to read the discussions following the TechRepublic articles for valuable insight from your peers who are facing the same compliance hurdles.
Bindview software offers several white papers, Webinars, and data sheets that will help you gain more control in passing your Section 404 attestation. These include:
- What Executives Need to Know About Computer and Security Controls to Pass the Audit (White Paper—free registration required)
- Satisfying Sarbanes-Oxley Computer and Security Controls Requirements: Feeling Lucky? (Webinar)
- IT Audits for Regulatory Compliance: Get It Right, Sleep At Night (Webinar)
For any ongoing questions you may have, you might want to pop over to the Sarbanes-Oxley Act Forum.