ARCHIVE
ID Number: G00129814



This research is provided for historical perspective;
portions of this document may not reflect current conditions.






The IT Executive's Best Practice Guide to Sarbanes-Oxley
31 August 2005
 
French Caldwell   Lane Leskela   Debra Logan   John Bace   Carol Rozwell   Bill Kirwin   Richard J. De Lotto   Rich Mogull  

Adopt these 10 compliance best practices to reduce regulatory costs and improve corporate governance.







Price: US$495.00

Pages: 15








Table of Contents

Analysis

1.0 The 10 Best Practices
    1.1 Adopt a Framework of Corporate Governance Principles
    1.2 Establish a Compliance/Governance Council, a Compliance Committee and a Corporate Compliance Office
    1.3 Communicate With Internal and External Auditors
    1.4 Set Up a 'Weather Bureau' for Regulatory Compliance
    1.5 Designate an IT Compliance Manager
    1.6 Manage Compliance as a Program, Not a Project
    1.7 Use Peer-Reviewed, Publicly Available Internal Control Frameworks to Improve Corporate and IT Governance
    1.8 Use CobiT to Identify IT Control Gaps
    1.9 Identify and Use IT Solutions to Automate Process Controls Where Possible
    1.10 Use a Logical Compliance Architecture to Reduce the Number of Controls and Associated Costs Over Time

2.0 Six Steps to Becoming a Best Practice Organization
    2.1 Determine Your Company's Key Roles and Responsibilities
    2.2 Meet Regularly With External and Internal Auditors
    2.3 Meet Monthly With the Person Who Tracks Regulatory Developments
    2.4 Map Risks and Associated IT Controls to CobiT Control Objectives
    2.5 Evaluate the Sources of New Compliance Costs
    2.6 Evaluate Technology Investments to Reduce the Cost of Compliance

Recommended Reading


List of Figures

Figure 1. More-Efficient Compliance Requires a Long-Term View
Figure 2. Compliance Complexity Is Compounded by Fragmented Project Plans
Figure 3. Comparison of Internal Controls (IC) Concepts
Figure 4. CobiT and Other IT Process and Control Frameworks
Figure 5. The IT Regulatory Platform
Figure 6. Software Categories for Compliance Investment
Figure 7. Logical IT Compliance Architecture








© 2005 Gartner, Inc. and/or its Affiliates. All Rights Reserved. Reproduction and distribution of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner's research may discuss legal issues related to the information technology business, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The opinions expressed herein are subject to change without notice.




Resource Id: 484911