The major things that IT managers will have to do differently when Sarbanes-Oxley becomes fully implemented and effective
Sarbanes-Oxley has paved the technology to align themselves with enough room for growth and development to sustain scalability and support. When Sarbanes-Oxley becomes fully implemented and effective, IT managers would have to take direct measures to understand the enterprise in a better form. The various penetrations and dynamicity of the enterprise is required to be better understood and fully visualized for a better strategy framework. The scalability issues of the enterprise must be fully ascertained and taken into account when making software. The very sense of flexibility would allow the software to be amended in cases of extendibility of the enterprise functions and operations. The very fear, agony and lack of morale which is figured out by many companies would reduce to a substantial scale with the advent of flexibility and scalability issues handled deeply by the IT managers as Sarbanes-Oxley takes full shape.
Quality remains the prime motto and would take a better shape with the Sarbanes-Oxley becoming fully effective. The quality assurance would mean a mammoth to the IT managers as the compliance becomes stricter and software’s faces challenges to make a better market than before. The long term aspects of quality assurance and checks must be performed for fetching the right steps for fetching the right journey towards better software for its wide acceptance and use.
The IT managers need to understand the importance of logs that are essential for fetching the right judgment in case of audits and make sure to fetch the right scenario for a healthy long term relationship for the firm. The very basis would be to adopt the culture to understand the importance of keeping a record for fetching better electronic record of activities, their desired behavior, their detailed record for any compliance audit, their ability to take care of monitoring statuses and finally to find to ensure that systems are running smoothly (Bryan, 2008). The audits can thus be made smoothly reviewing the quality and draw performance statistics for the enterprise in a planned and organized manner.
The testing strategies and the quality assurance department must be the primary focus for the IT managers once the Sarbanes-Oxley takes into effect. The appropriate methods for tapping the various exceptional conditions which makes technology rank high on usability issues.
Kim (2007) mentions that Sarbanes-Oxley mandate requires keeping a log of the activities so that financial and accounting records can be well managed for satisfaction and maintenance of quality. This is one aspect which is yet to be implemented in the IT system. The religious maintenance of logs would quench the very attitude for performing flawless audits and would bring a right set of management principals for efficient handling of legacy systems.
The IT managers also need to gear up their boots and understand that enough training of the resources would make sure to envelope the technological advancements and mature them for better performance. The very importance is yet to be attached towards rich knowledge of technology and to understand deeply the subject and enhance the skills. The need for training must be identified by the IT managers to stay concerned, aware and stay kicking with the analytic sensibility for their advancement. Strategies for effective growth and development must be envisioned by the IT managers to upgrade the quality of the employees to keep them motivated, decisive and alert (Worthen, 2005).
The IT managers require gearing up with the procedures for passing a successful audit. The internal processes require to be maintained in a fashion that they are insured with audit trails, composite quality assurance models and following a strict quality assurance guideline for better management and approach towards audit and checks (Hoffman, 2005).
The open questions that are yet to be resolved about the impact of Sarbanes-Oxley on IT management can be highlighted as follows:
1. What would be the right methodology for the framing of accounting and corporate standards in IT businesses?
2. How would one strategize the internal control mechanism for reducing on the paperwork to demonstrate allocation of duties?
3. What would be optimized audit standards for IT systems for safeguarding against any fraudulent activities?
Bryan, Cote (2008) Failed Audit? Retrieved 23, October 2008 from http://www.s-ox.com/dsp_getFeaturesDetails.cfm?CID=2022. Sarbanes-Oxley Compliance Journal
Kim, Nash (2007). Why, 5 Years After Sabanes-Oxley Became Law, IT Executives Are Better Off. Retrieved 22, October 2008 from http://www.cio.com/article/127851/Why_Five_Years_After_Sarbanes_Oxley_Became_Law_IT_Executives_Are_Better_Off/1 CIO
Hoffman, Thomas (2005). More Companies Tap IT for Sarbanes-Oxley. Retrieved 23, October 2008 from http://www.computerworld.com/softwaretopics/software/story/0,10801,105463,00.html. Computerworld.
Worthen, Ben (2005). Baselinemag.com has an interesting Calculator: The Cost of Sarbanes-Oxley. Retrieved 22, October 2008 from http://www.cio.com/article/8097/_The_Top_Five_IT_Control_Weaknesses