Book Description
Enron was once the seventh largest company on the Fortune 500, but after the greatest business scandal of a generation and one of the biggest of the last century, Enron took bankruptcy and essentially blinked out of existence following a wave of revelations of accounting regularities and securities fraud. Headlines soon linked Global Crossing, Tyco, WorldCom, Adelphia, HealthSouth and other companies to similar frauds, prompting Congress in June 2002 to pass the Sarbanes-Oxley Act (SOX), the most significant securities law changes since passage of the original federal securities laws in 1933 and 1934. Sarbanes-Oxley could ultimately prove to be one of America's most significant economic regulations. This short guide explains the ins-and-outs of the Sarbanes-Oxley Act. Students will be able to understand this major legislative change effecting CEOs, CFOs, and other financially responsible officers.
Customer Reviews:
"Cliff Notes" for SOX Act.......2007-06-15
Good overview of SOX Act. Provides a basis for non-financial types or students trying to get a basic understanding. Anyone with more direct responsibility should read the act itself.
Average customer rating:
- Do not waste your time and money on this book.
- A waste of money.
- Nice Resource on Sarbanes-Oxley Compliance
- ARE YOU IN COMPLIANCE??
- Great resource, very helpful in ensuring complying with SOX
|
Sarbanes-Oxley IT Compliance Using COBIT and Open Source Tools
Christian Lahti , and
Roderick Peterson
Manufacturer: Syngress
ProductGroup: Book
Binding: Paperback
 Network Security
| Networking
| Computers & Internet
| Subjects
| Books
General
| Computers & Internet
| Subjects
| Books
All Titles
| Qualifying Textbooks - Fall 2007
| Stores
| Books
Similar Items:
-
Security Controls for Sarbanes-Oxley Section 404 IT Compliance: Authorization, Authentication, and Access
-
Sarbanes-Oxley Guide for Finance and Information Technology Professionals
-
Sarbanes-Oxley For Dummies (For Dummies (Business & Personal Finance))
-
Manager's Guide to Compliance: Sarbanes-Oxley, COSO, ERM, COBIT, IFRS, BASEL II, OMB's A-123, ASX 10, OECD Principles, Turnbull Guidance, Best Practices, and Case Studies (Manager's Guide Series)
-
The Sarbanes-Oxley Section 404 Implementation Toolkit : Practice Aids for Managers and Auditors
ASIN: 1597490369
Release Date: 2005-08-01 |
Book Description
This book illustrates the many Open Source cost savings opportunities available to companies seeking Sarbanes-Oxley compliance. It also provides examples of the Open Source infrastructure components that can and should be made compliant. In addition, the book clearly documents which Open Source tools you should consider using in the journey towards compliance. Although many books and reference material have been authored on the financial and business side of Sox compliance, very little material is available that directly address the information technology considerations, even less so on how Open Source fits into that discussion.
Each chapter begins with an analysis of the business and technical ramifications of Sarbanes-Oxley as regards to topics covered before moving into the detailed instructions on the use of the various Open Source applications and tools relating to the compliance objectives.
The bootable CD contains fully configured demonstrations of Open Source tools.
* Shows companies how to use Open Source tools to achieve SOX compliance, which dramatically lowers the cost of using proprietary, commercial applications
* Contains a bootable-Linux CD containing countless applications, forms, and checklists to assist companies in achieving SOX compliance
* Only SOX compliance book specifically detailing steps to achieve SOX compliance for IT Professionals
Customer Reviews:
Do not waste your time and money on this book........2007-02-07
Useless book.
Waste of time.
Waste of money.
Trust me. Anyone who has gone through SOX will really get a good laugh out of this book.
A waste of money........2007-01-06
If you are preparing for the CISA,do not waste your money on this book. Put your money towards the ISACA's study materials. I found several errors as well as disagreements between this book and ISACA's study guide.
Nice Resource on Sarbanes-Oxley Compliance.......2006-08-11
If you are a company or IT person that is responsible for keeping your company compliant with the Sarbanes-Oxley act of 2002, you owe it to yourself to pick up this book. Chock full of tons of helpful advice and guidelines, this 300+ page text will help get your IT department streamlined and well structured. The Sarbanes-Oxley act was put into place in direct response to the outlandish acts of companies such as Tyco, Enron, MCI and the such where the public will know that their investment money is being used towards non-corrupt practices and this involves not only financial numbers, but also the systems that hold such important data.
Nice book, helpful guide
**** RECOMMENDED
ARE YOU IN COMPLIANCE??.......2006-07-22
Are you a CFO, CIO, CEO, VP, Director of IT, IT Operations Manager, and/or IT Consultant? If you are, then this book is for you! Authors Christian Lahti, Roderick Peterson, and Steve Lanza, have done an outstanding job of writing a practical book that gives you the reader, an understanding of how open source technology and tools might be applied to your individual requirements.
Lahti, Peterson, and Lanza, begin by discussing why the Sarbanes-Oxley (SOX) experience promises to be quite different in terms of depth, cost, and resources. Then, the authors discuss how Congress enacted the Sarbanes-Oxley Act of 2002 in an effort to prevent financial scandals such as those that occurred at Enron and MCI. Next, they explore the need for SOX compliance and the possible consequences of noncompliance--lawsuits, negative publicity for the company, and fines for executive management. The authors then investigate the entire open source phenomenon and the fundamental differences between it and nonfree software. They continue by covering the difference between SOX and COBIT. Then, the authors discuss automation and why it should be a key component of any small to medium-sized company's SOX compliance activities. Next, they cover the COBIT Delivery and Support Delivery and Support Domain and why it is important, not only to SOX compliance activities, but also from an IT Department repositioning perspective. The authors then discuss Deming's continuous quality improvement process, specifically how it was predicted on a closed-loop process. Finally, they show you how to reposition an IT Department, by utilizing COBIT for SOX.
In this most excellent book, you will find a lot of applicable content--basically as much as the authors could muster by way of open source technologies and how they fit into the SOX sphere of influence. More importantly, this book illustrates the many Open Source cost-saving opportunities that public companies can deploy in their IT organizations to meet the mandatory compliance requirements of SOX.
Great resource, very helpful in ensuring complying with SOX.......2006-04-20
Compliance with the Sarbanes-Oxley Act is a legal requirement for publicly traded companies. The problem with the Act is that it requires things like adequate internal control structure and a report on the effectiveness of the internal control structure and procedures while not providing any guidance or any specific mention of information technology implications. Luckily there are several other more specific standards to follow, with the most common among auditors being COBIT (Control Objectives for Information and Related Technology).
This book concentrates on using various open source tools (included on a CD with the book) to audit and document your system for compliance with COBIT. The authors take the reader through a detailed walk through the COBIT components and explain each one as well as how to implement it successfully. If it is followed the result is a sustainable system that is well documented, has set policies to prevent problems, has solid controls, and establishes responsibilities for change and improvements. Sarbanes-Oxley IT Compliance Using COBIT and Open Source Tools is highly recommended for anyone preparing to undergo and Sarbanes-Oxley audit but is also highly recommended to others because it is so useful for documenting your system and setting responsibility for changes to it.
Book Description
Everything corporate employees must know to understand--and comply with--the Sarbanes-Oxley Act
No law in recent memory has caused more confusion and apprehension in corporate America than the Sarbanes-Oxley Act (SOA). What Is Sarbanes-Oxley? is a concise, comprehensive overview of the act, filled with plain-English explanations of the vital details employees at every level must know and understand to help their firms achieve and maintain SOA compliance.
Summarizing the text of the law for ease of understanding and reference, this vital addition to McGraw-Hill's What Is . . . ? series provides readers with:
- Guidelines for ensuring that a company's policies, procedures, systems, and controls are SOA compliant
- Management certification responsibilities and noncompliance penaltiesunder hot-button Sections 302, 404, and 906
- Techniques for modifying existing control systems and programs to meet new SOA specifications
Download Description
"Everything corporate employees must know to understand--and comply with--the Sarbanes-Oxley Act No law in recent memory has caused more confusion and apprehension in corporate America than the Sarbanes-Oxley Act (SOA). What Is Sarbanes-Oxley? is a concise, comprehensive overview of the act, filled with plain-English explanations of the vital details employees at every level must know and understand to help their firms achieve and maintain SOA compliance. Summarizing the text of the law for ease of understanding and reference, this vital addition to McGraw-Hill's What Is . . . ? series provides readers with: Guidelines for ensuring that a company's policies, procedures, systems, and controls are SOA compliant Management certification responsibilities and noncompliance penaltiesunder hot-button Sections 302, 404, and 906 Techniques for modifying existing control systems and programs to meet new SOA specifications "
Customer Reviews:
Basic Info.......2007-03-10
Book gave basic info on SOX. Not most interesting subject or book.
Good, to the point, technical overview - A must read for any manager.......2006-07-13
I am trying to educate myself on the Sarbanes-Oxley Act (SOX) and bought this, and another book by Scott Green to get started. "What is Sarbanes-Oxley", is an excellent starting place. At just over 100 pages, the book gives an overview of the sections of the Act (404, 302, etc.) one needs to know in order to navigate through the terms, terminology and subtleties of the Act.
It provides a good framework for parsing out specific provisions, and how they apply in a broad sense to organizations. Aside from the good accounting practices and control environment and attestation discussions, sections on corporate governance and board and committee composition is clear and concise.
Its a very good primer for anyone wanting to educate themself on the most important piece of legislation affecting corporate America to come down the pike in decades.
For the non-technical manager, who is, or will be (or should be) impacted by SOX, or to improve your own skills, I recommend this as a starting point on your road to enlightenment. Its every manager's responsibility to abide by the rules and protect your organization, and the 10 or so hours it will take you to read and understand this basic framework will put you on the right road and make you more valuable to your organization in the long run.
Its a critical piece of literature for any manager interested in educating and promoting their own knowledge base to further their careers, or, at the very least, remain current and protect what you'l achieved.
As a side note, SOX does not apply to non-publicly traded companies and 501C type organizations. READ THIS BOOK ANYWAY! There is always room for improvement in the internal control environment and for good corporate governance, and you can either lead or be dragged along with changes. Its only a matter or time before some scandal somewhere is going to break, and provisions of the Act will be expanded to more and more types of companies.
Disappointing.......2005-08-17
I needed to know more about Sarbanes-Oxley for work and ordered this book. While I was waiting for it to arrive, I went onto the Internet and downloaded some information, including the text of the legislation itself.
I read through the legislation. I'm not an attorney, and I wasn't motivated to cross reference the other laws/acts mentioned. In other words I just read the legislation as is, with no legal background.
When this book arrived, I expected it would provide information and/or interpretations that I was not able to get directly from reading the legislation and other free materials.
In truth, I found there was very little, if anything that I hadn't gathered directly from my other sources. If you are trying to learn what Sarbanes-Oxley is about and choose not to use the available information, this book does describe the basics.
I would not recommend it, because it does not significant add to, or simplify the information readily available for free.
Finance Manager.......2005-07-28
This book provided a brief overview and was short on application which I required. Perhaps the books intent did not comply with my needs. However,"Manager's Guide to Sarbanes Oxley Act" proved valuable and aided in presentation to our managers group for the need for internal controls.
Insightful !.......2005-02-24
This dry-as-bones handbook gives essential overview information about the numerous, varied requirements of the U.S. Sarbanes-Oxley Act (SOA). Reading it is much easier than reading the Act itself, mainly because the book is much shorter. Author Guy P. Lander probably comes as close as possible for a practicing securities law attorney to writing in plain English. That does not mean that this book will appeal to the general reader. We believe it will see its best service as a handy reference on the bookshelves of executives responsible for discussing their firms' SOA compliance efforts with their attorneys, auditors and peers.
Book Description
A complete guide to leveraging the power of Sarbanes-Oxley--specifically for nonprofits
The first book to discuss the implications of Sarbanes-Oxley legislation as it relates to nonprofit organizations, Sarbanes-Oxley for Nonprofits is an essential guide for all nonprofit executives and boards who want to know how the new legislation can enhance their organization's mission.
By establishing a "platinum standard" of operations and governance within nonprofit organizations, executives and board members will be better equipped to attract high-quality staff and board members, as well as the attention of donors and other potential funding sources. Sarbanes-Oxley for Nonprofits presents the best practices that have emerged from the Public Company Accounting Reform and Investor Protection Act (Sarbanes-Oxley) in a manner that explains their source and value to the nonprofit organization.
Written for both small and large nonprofits, Sarbanes-Oxley for Nonprofits includes:
* Practices intended to establish a "platinum standard" of operations and governance within the nonprofit
* Coverage of audits, financial statements, board activities and decision making, how to teach board members to read and interpret financial statements, conflicts of interest, whistle-blower protection, and how to leverage these standards to gain a competitive advantage
* Sarbanes-Oxley best practices and the organizational culture
* Sample documents, forms, and checklists to introduce these best practices into any nonprofit organization
* And much more!
Download Description
Implications of Sarbanes-Oxley for Nonprofits explores the relevant themes and requirements in Sarbanes-Oxley that relate to nonprofits. It addresses each area in depth with recommendations for steps to come into compliance with Sarbanes-Oxley standards. Major topic areas include audits, financial statements, board activities and decision-making, teaching board members how to read and interpret financial statements, conflict of interest, whistle-blower protection, and how to leverage these standards to create a platinum standard organizational culture.
Book Description
Need help ensuring your campany complys with Sarbanes-Oxley? Armed with this hands-on guide, you can detect early signs of fraud and operational loss, and safeguard your job, your employees' jobs, and the long-term success of your company. Don't let fraud derail your career. Protect yourself with the fail-safe Control Smart method found in
Manager's Guide to the Sarbanes-Oxley Act.
Order your copy today!
Download Description
How to set up and monitor controls to ensure compliance
In a recent survey, Ernst & Young commented that, while large companies are spending millions of dollars to comply with the Sarbanes-Oxley Act, mid-sized and small companies are "stuck like deer in the headlights." Written especially for managers at such companies, Manager’s Guide to the Sarbanes-Oxley Act lays out how they can assess and monitor their companies’ internal control structures. Using numerous case studies and vignettes, the book explains Sarbanes-Oxley and how it affects managers. Clearly written and practical, Manager’s Guide to the Sarbanes-Oxley Act is essential reading for managers, CEOs, CFOs, and auditors.
Scott Green, CPA (Long Island, NY), is currently the Global Head of Audit and Compliance for Weil, Gotshal and Manges–one of the largest law firms in the world and a leader in the practice of corporate governance.
Customer Reviews:
prompt delivery.......2005-09-14
It is important to receive email from seller to confirm the transaction, which he/she did. Prompt delivery. Book arrived in good condition as stated.
Far too general to be of value.......2005-07-13
Read this one a year ago and found it to be very non specific in the elements necessary to gain compliance. Now after three SOX engagements and having to deal with the intricacies of 404, this book stands as a poor introduction to the enormity of the task to follow.
If however one wishes to get a brief overview of what compliance and governance will mean to public companies, read away.
Poor Information value.......2005-07-05
I am writing a paper about SOA and read different books about it. In comparison to other books the Manager's Guide by Scott Green gives poor information about the SOA itself and talks about risks and controls most of the companies have realized centuries ago. In addition there are absurd comparisons to foreign laws, which maintain uselessness (for example a german law). I guess Scott Green has never been to Germany and doesn't know anything about Corporate Governance in Europe. I have traveled through Europe and found much better quality in leadership there and articles of most famous business magazins affirm my opinion.
The book is pure greed for money.
Packed with Knowledge !.......2005-02-23
The Sarbanes-Oxley Act is one of the most complex, costly pieces of legislation to emerge from Congress in the past two decades. Author Scott Green considers the legislation itself to be a risk - not merely to managers who might find themselves disgraced or imprisoned for mere mistakes and oversights, but also to the productive forces of American capitalism. His book outlines a process for identifying and managing the kind of risk that might result in violations of Sarbanes-Oxley. His approach is blessedly free from jargon and almost intuitively obvious. Other things about this book make it appealing to a reader who has waded through other analyses of Sarbanes-Oxley and who is concerned about full compliance. First, without oversimplifying, Green presents his prescription in simple, straightforward terms. Second, he does not make an overt sales pitch for his firm's consulting services. Third, he has apparently not service-marked his favorite terminology, such as "Smart Links." This restraint confirms that he actually has something to say to you, and is not merely trying to drum up business. What he has to say is not stunning or new, nor is it presented in sparkling prose, but we find it reasonably useful and well worth a manager's time to read.
Busting the Sarbanes-Oxley myths!.......2004-09-27
Boards of all shapes and sizes are wondering about the affect that Sarbanes-Oxley act will have upon their operations, accountability, and liability. But what about the managers running the day-to-day operations? Mr. Green kept his promise to "introduce groundbreaking and practical 'Control Smart' approach that not only meets the requirements of Sarbanes-Oxley, but also alerts you if operational controls stop working or are otherwise compromised."
While larger companies can afford to spend millions of dollars to implement control system monitoring tools, managers of small to mid-sized companies can be unsure of how to move forward if their budgets can't accommodate expensive advisors and systems. Mr. Green tells us in a forthright and clear manner that we must not depend on others to audit accountability into our reporting systems any more than we are able to test reliability or quality into our products. He places responsibility for our transparent transactions squarely on the shoulders of every manager and every employee throughout the organization.
The "Control Smart" approach to understanding where we need to make transformational changes and where we can live with transitional changes is easy to understand even as it is complex and difficult to execute. But we must all attempt to do so. Green insists that we can "walk our talk by taking the culture of our companies seriously. We are able to create positive values as company objectives and appropriately compensate those who uphold the company image." In this well written book, you will find the answer to just what it is that managers today need to do to implement the spirit and the law of Sarbanes-Oxley.
Book Description
"Accounts Payable and Sarbanes-Oxley cements Mary Schaeffer's reputation as the premier authority on accounts payable. She provides great detail on all aspects of the payables systems needed to comply with Sarbanes-Oxley. A must for every controller's bookshelf!"
-Steven Bragg, Premier Data Services
"Mary Schaeffer has done it again! America's most accomplished accounts payable expert has written another authoritative and comprehensive work. This time she takes aim at internal controls and the Sarbanes-Oxley Act as they impact the payables function. Whether or not you are required to comply with the Act, this book will help you meet the challenges facing professionals who demand effective and efficient controls both now and in the future. This book is an enormous resource and blueprint for any financial professional."
-Bob Lovallo, President, Pinpoint Profit Recovery Services, Inc.
"There are many guides to complying with Sarbanes-Oxley yet this text is the first I have seen that provides accounts payable departments with a game plan, both from a mile-high and an in-the-trenches viewpoint. Even if you are not concerned with SOX, this guide provides the foundational control framework and best practices for any accounts payable department."
-Richard B. Lanza, CPA/CITP, CFE, PMP, President, Cash Recovery Partners L.L.C.
"Mary Schaeffer's book provides clearly written guidance on the causes, consequences, and best practices for accounts payables internal controls. Every accounting, auditing, and information technology professional who deals with accounts payable will find some useful suggestions in this book."
-Dr. Will Yancey, CPA, independent consultant
"If you only read one book on the duties and responsibilities of the accounts payable representative-make it this one. Ms. Schaeffer is absolutely brilliant at explaining the impact the Sarbanes-Oxley Act will have on the organization and its accounts payable procedures. Whether you are a seasoned accounts payable representative or just new to the position, this book will help you to become firmly grounded in your ability to perform your role in the accounts payable department."
-Jerry W. Michael, President, IRSCompliance.org
The accounts payable blueprint to becoming Sarbanes-Oxley compliant
The Sarbanes-Oxley Act provides a rigorous discipline that can be used by all organizations, regardless of whether they are publicly traded or not. Strong internal controls and segregation of duties should become a standard way of thinking rather than something required by law. Accounts Payable and Sarbanes-Oxley provides a comprehensive overview of the Act and lays out the necessary guidelines that affect accounts payable to ensure compliance in the accounts payable department.
Download Description
This book describes how Sarbanes Oxley requirements should be implemented as they pertain to accounts payable functions. It includes a discussion of why the controls demanded by the Act are important to both public and private companies. It also includes an overview of the COSO framework and how it affects the accounts payable function, as well as describes the proper documentation needed to conform with SOX and the required fraud prevention controls and practices.
Customer Reviews:
Must read for AP professionals.......2007-02-19
As a financial professional from NY I was pleased to find Schaeffer's book covered the issues from top to bottom for the AP Department.
She covers all the aspects of Sarbanes - Oxley and it's impact on the AP Department.
I no longer wonder if I missed something or there could be something uncovered by the auditors that I should have addressed.
Accounts Payable.......2006-12-27
To me, this book shows us how to strengthen our control in the account payable functions, like segregation of duties, setting of authorisation levels, etc......It helps me to focus the risk areas that I never have think of in terms of account payable function in my company.
Book Description
Sharing secrets for the effective creation of auditing mechanisms for Health/Insurance Portability and Accountability Act of 1996 (HIPAA) compliant Oracle systems, this book demonstrates how the HIPAA framework provides complete security access and auditing for Oracle database information. Complete details for using Oracle auditing features, including auditing from Oracle redo logs, using system-level triggers, and using Oracle9i fine-grained auditing (FGA) for auditing of the retrieval of sensitive information, are provided. Examples from all areas of auditing are covered and include working scripts and code snippets. Also discussed are the use of the Oracle9i LogMiner to retrieve audits of database updates and how to implement all Oracle system-level triggers for auditing, including DDL triggers, server error triggers, and login and logoff triggers.
Customer Reviews:
SOX appears on the title only...........2006-04-15
Excellent book for general security information with Oracle (VPDs, Roles, Encryption and the rest)
As an another review pointed out, the book is very light on SOX material and focuses instead on the HealthCare sector.
If that's what you want..by all means, buy the book...A.Nanda is one of the very best DBAs out there and knows his material inside and out...
If you need SOX and/or GLB, look elsewhere...
Oracle Privacy and Security Auditing.......2005-12-07
I primarily purchased this book for help on Virtual Private Database (VPD) and Row Level Security (RLS). We use these features at work and need to expand on them. Something I did like about this book is that it is well written and covers many subject areas that are spread out over many different books in Oracle's documentation. The examples are not much more helpful than Oracle's and that is an area that could be improved on the second edition.
The book is 672 pages and if it was formatted a little differently it would probably be closer to 300. The font is large and the pages are narrow.
Misleading and worthless.......2004-10-22
I bought this book for understanding how to handle compliance in Oracle. No where in the book can you find details about HIPAA, SOX or GLBA complaince!!!! It was totally, completely, worthless for me!
Major Problems with this Book.......2004-09-01
The title of this book is quite misleading. The title should stop with HIPAA. HIPAA is the sole focus; there is no mention of SO or GLB. True, the overall goals of SO and GLB are similar to those of HIPAA (control, accountability, confidentiality) but I would expect a book that has SO and GLB in the title to mention those laws and perhaps (as I was hoping) provide some specific insights. If you want to learn something about HIPAA, this is the book. If you want to learn something about SO or GLB, you have to learn it elsewhere and then apply the legalistic knowledge into this book on Oracle.
The second gripe is with the index. Personally, I don't have the time to read a book cover-to-cover. I need a competent index to be able to look up specifics. This index is woefully short (4 large type pages). Further, I sincerely believe the index is for some other version of the book or other book entirely. The page references do not match the pages. Hence index is useless.
I was in the process of returning this book (first time I would have done so) when I came over to the reviews and started reading them. My gripes are legitimate but I have decided to keep the book for its security aspects rather than its integration of HIPAA, SO or GLB requirements into Oracle security. After all, the Oracle Security Handbook (Theriault and Newman) is out of date.
Landmark book for Oracle shops.......2004-07-12
This remarkable book covers how to use Oracle 9i security and auditing facilities to achieve compliance with three major laws. While the book emphasizes HIPAA, it also addresses, either directly or indirectly, privacy security and auditing with respect to the Gramm-Leach-Bliley Act (Subtitle A: Disclosure of Nonpublic Personal Information 15 U.S.C. 6801-6810 and Subtitle B: Fraudulent Access to Financial Information 15 U.S.C. 6821-6827), HIPAA requirements for protecting data and enforcing security and privacy, and Sarbanes-Oxley Act Section 404 requirements related to integration of transactional systems, logs and auditing trails, and data security.
Structure of this book is in three sections:
Section I gives an introductions to HIPAA, Oracle security and Oracle auditing. Among the topics covered are grant, role-based, and profile based security, as well as virtual private databases (row-level security, fine-grained access control), and application server security.
Section II goes deeper into general Oracle security, covering relational grant security as it relates specifically to HIPAA (but can be also used for Gramm-Leach-Bliley and Sarbanes-Oxley compliance because the requirements are similar regarding these mechanisms and techniques). Also covered are encryption and network security.
Section III deals with auditing using Oracle facilities, tables, DDL and DML, and covers the spectrum from grants auditing to fine-grained audits. Again, the focus is on HIPAA requirements (Chapter 11, for example, contains the following topics: Auditing select access as per the HIPAA mandated auditing of Patient Health Information, and Combining FGA and Flashback queries to answer the most important question in addition to who saw the data, what they saw.) This section ends with HIPAA security and auditing checklists, which can be also applied to Sarbanes-Oxley and Gramm-Leach-Bliley security and auditing.
This book is an outstanding addition to bodies of knowledge spanning three disciplines - internal auditing, DBA, and IT security & privacy. A copy should be provided to managers and subject matter experts in each of those domains.
Book Description
Tailored to give business professionals and their staffs precisely what they need to know about this regulatory sea change, PLI's Guide to the Sarbanes-Oxley Act for Business Professionals concisely explains the governance, disclosure, reporting, and record-keeping reforms reflected in many new SEC, NYSE, and NASD rules.
Featuring subject-oriented compliance checklists and citations to the rules for follow-up research, the book avoids legal jargon and technical references while it clarifies:
• New management certification requirements for quarterly and annual reports. • The steps involved in developing mandatory disclosure procedures and financial controls. • Ways of improving Management's Discussion & Analysis to meet new SEC standards for MD&A. • Restrictions on the use of non-GAAP measures in SEC filings to protect investors. • Stricter standards for director, auditor, and research analyst independence to prevent conflicts of interest.
Book Description
Sarbanes-Oxley and the New Internal Auditing Rules thoroughly and clearly explains the Sarbanes-Oxley Act, how it impacts auditors, and how internal auditing can help with its requirements, such as launching an ethics and whistle-blower program or performing effective internal controls reviews under the COSO framework. With ample coverage of emerging rules that have yet to be issued and other matters subject to change, this book outlines fundamental blueprints of the new rules, technological developments, and evolving trends that impact internal audit professionals.
Order your copy today!
Download Description
With the collapse and scandals involving Enron, WorldCom, and other companies, auditors have increasingly come under pressure to play a greater role. The Sarbanes-Oxley Act mandates that auditors have a greater responsibility. This book examines the new role of the auditor within this new corprorate environment.
Customer Reviews:
Sarbanes-Oxley and the New Internal Auditing Rules.......2006-09-29
This book provides a comprehensive overall view on Sarbanes Oxley and other evolving internal audit standards and practices. Moeller has taken an extended view on the roles of internal auditor to include that of quality auditors for ASQ and ISO.
I find the book useful for general knowledge on what internal audit entails. However, this book has its limitation for practising internal auditors who are seeking in depth working tools to meet their professional requirements.
Disappointing!.......2005-08-15
Despite Mr. Moeller's "brand-name appeal", I must confess I found this book disappointing. The title promises too much perhaps; how can mere 300 pages cover the matter for a practitioner? Written in an informal style, it paints on a broad canvas -- the kind of material that would do well for an after dinner-talk for auditors, but most definitely lacks depth and specificity. It could be useful for students or business managers, but is unlikely to help a professional auditor much.
Browse through it first to see if it answers your needs before putting down your money.
Comprehensive and clear.......2004-07-11
This book is essential reading for anyone involved in internal audits per Sarbanes-Oxley, including auditing professionals and senior management whose business or technical domains are affected (i.e., all senior managers).
The focus is on auditing from the practitioner's point of view, and Chapter 2 shines because it summarizes SOA and how it affects internal audit as a function and as a practice. This material encompasses relationships with external auditors and with the audit committee, which are important parts of SOA. A further tie to the audit committee is given in detail in Chapter 3.
Chapter 5, 'COSO, Section 404, and Control Self-Assessments' is the heart of this book in many respects. However, as an IT consultant I found Chapters 6, 7 and 9 more aligned to what I do - and the reason why I cited the audience of this book as wider than auditing practitioners. For example, the inclusion of CobiT (Control Objectives for IT) in Chapter 6, Disaster Recovery and Continuity Planning (Chapter 7) and Enterprise Risk Management, Privacy, and Other Legislative Initiatives (Chapter 9) are directly or indirectly related to IT, and the information I gleaned from those chapters helped to place SOA within the context of my profession's support requirements and IT auditing. I was also surprised and gratified to find ITIL best practices, which is an international standard for IT infrastructure management, including service delivery and service support. Again, this information shows how far reaching SOA is, and the need for all managers to fully understand their roles and how SOA will affect the way they operate and manage their functional areas.
Of course, for professional auditors, the chapters on Internal Audit Fraud Detection and Prevention (8), Rules and Procedures for Internal Auditors Worldwide (10), and Continuous Assurance Auditing Future Directions (11) round out this comprehensive book. As a non-practitioner I found it to be clearly written and, in many respects, enlightening. The breadth of topics and the depth into which they are delved is impressive.
Average customer rating:
|
Internal Audit Reports Post Sarbanes-Oxley: A Guide to Process-Driven Reporting (Wiley Institute of Internal Auditors Professional Book)
Susan M. Switzer
Manufacturer: Wiley
ProductGroup: Book
Binding: Hardcover
General
| Business & Investing
| Subjects
| Books
Auditing
| Accounting
| Industries & Professions
| Business & Investing
| Subjects
| Books
General
| Accounting
| Industries & Professions
| Business & Investing
| Subjects
| Books
General
| Accounting
| Accounting & Finance
| Professional & Technical
| Subjects
| Books
General
| Finance
| Accounting & Finance
| Professional & Technical
| Subjects
| Books
All Titles
| Qualifying Textbooks - Fall 2007
| Stores
| Books
Similar Items:
-
The Essential Handbook of Internal Auditing
-
Writing High-Impact Reports: Proven Practices for Auditors and Accountants
-
The Internal Auditing Pocket Guide
-
Managing the Audit Function: A Corporate Audit Department Procedures Guide
-
Manager's Guide to Compliance: Sarbanes-Oxley, COSO, ERM, COBIT, IFRS, BASEL II, OMB's A-123, ASX 10, OECD Principles, Turnbull Guidance, Best Practices, and Case Studies (Manager's Guide Series)
ASIN: 0470050845 |
Book Description
Brimming with commonsense advice delivered in a conversational, easy-to-read style, Internal Audit Reports Post Sarbanes-Oxley: A Guide to Process-Driven Reporting helps you transform raw data into useable information and then translate that information into actionable messages while complying with the SOX Act.
Customer Reviews:
Great Resource.......2007-02-01
This isn't another arcane tome on the audit process. Nor is it a one time read. Rather this book is destined to set a gold standard for the industry, making audit report writing a process driven, easy-to-understand practice. The best testimony to Switzer's process oriented approach is the straightforward way she maps the progression from raw information to a cohesive report. Her conversational tone, lighthearted comments and real world examples make it an easy read. Like the best audit reports this book is reader friendly, but don't underestimate its potential. More than just a theoretical explanation, it gets down to the nuts and bolts of report writing, covering all the "how to's" from grammar usage to paragraph construction. Anyone who is involved with the audit process will find that it is an indispensable resource. I think this is a great book.
Books:
- History: Fiction or Science? (Chronology, No. 1)
- History: Fiction or Science? (Chronology, No. 1)
- History: Fiction or Science? (Chronology, No. 1)
- History: Fiction or Science? (Chronology, No. 1)
- Home Business Tax Deductions: Keep What You Earn
- How to Get Tax Amnesty: A Guide to the Forgiveness of IRS Debt Including Penalties & Interest
- I Hate You, Don't Leave Me: Understanding the Borderline Personality
- Intermarket Technical Analysis: Trading Strategies for the Global Stock, Bond, Commodity, and Currency Markets (Wiley Finance)
- International Economics (2nd Edition)
- Introduction to the Mathematics of Financial Derivatives
Books Index
Books Home
Recommended Books
- Wealth and Poverty
- The Art of War: New Translation
- Introduction to Fixed Income Analytics
- New Rules: Polite Musings from a Timid Observer
- Physical Chemistry
- The Baby Book: Everything You Need to Know About Your Baby from Birth to Age Two
- Smart Tax Tips: Winning Strategies to Reduce Your 2003 Taxes
- Property Companies: An Industry Accounting and Auditing Guide
- Modelling Stock Market Volatility
- One Dead Under the Cuckoo's Nest: A Pauline Sokol Mystery
One World: The Ethics of Globalization, Second Edition (The Terry Lectures Series)
Defining Moments: When Managers Must Choose Between Right and Right
How Good People Make Tough Choices: Resolving the Dilemmas of Ethical Living
The Elements of Moral Philosophy
Marketing Planning & Strategy
