SOX is Hell

SOX is everyone's worst nightmare come true

This article can also be found in the Premium Editorial Download: Storage magazine: Adding low-cost tiers to conserve storage costs:

Think complying with Sarbanes-Oxley (SOX) will be easy? Think again. A user preparing for a SOX audit (who for obvious reasons requested anonymity) reports that complying with the regulation is a time-consuming, thankless task.

"This has been an unbelievably frustrating ride," he says. "We're making everything up as we go along, because there's no template to follow." Auditors are no help. "They tell us, 'We'll know it when we see it.' It's like trying to please the king."

The work itself, providing proof and documentation of compliance, is time-consuming "administrivia." "I'd much rather be running storage infrastructure; it's a lot more fun."

Forget about hiring consultants. Even if you can find one, "the big accounting companies are feeling their way around in the dark just like everyone else. A lot of my colleagues have hired consultants, but they're no further along than us."

What happens if you get it wrong? If the audit uncovers a material weakness, you must print a notice in the annual report--no one wants that. Furthermore, "if you're going to tell your CIO that it's OK to sign off on the IT portion of Sarbanes-Oxley, it'd better be right. If you fail, you pay with your job."

This was first published in August 2004
This Content Component encountered an error

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchSolidStateStorage

SearchVirtualStorage

SearchCloudStorage

SearchDisasterRecovery

SearchDataBackup

Close