Yet more on Sox, Compliance etc

Credit to Mark Crofton for spotting this blog-newsletter, fiercesarbox. Subscribed! It is a super source of compliance-related news and fluff-free commentary. Some examples:

The new guidance from the SEC and PCAOB 

Enterprise Risk 

Sarbox costs continue to decline, audit fees remain high

Myth busted: Sarbox not driving away U.S. companies

Compliance readiness: a way of life?

More jargon: What is a SAS Type II Exam?

All good stuff, but I’ll leave you with this gem:

Sarbanes-Oxley is a convenient scapegoat in a lot of ways. If a company wants to go private, there’s no shame in citing the law. If a CFO wants to step down, he can always say Sarbox has made his job impossible. Exchanges can always blame Sarbox when another listee goes overseas. The list goes on and on. Perhaps you should use this wonderful scapegoat to your advantage. Tim Minahan, a supply chain expert who cut his teeth at Aberdeen, has released an e-book called The 100 Greatest Supply Management Tips of All Time! Tip No. 11 is a great one: “Create a Crisis: Whenever possible, link your supply management initiative to a top corporate goal or challenge, such as complying with the Sarbanes-Oxley Act or managing risk. This speeds alignment and can help secure executive and stakeholder support.” So there you have it. If you want something done, use Sarbox.



4 thoughts on “Yet more on Sox, Compliance etc”

  1. I would like to introduce one website which I recently came across provides a wonderful tool to comply with regulations like SOX and it also helps in complying with many other regulations also like HIPAA, ISO 17799. A crosswalk matrix poster between different regulations of Symantec is a very useful tool for compliance team and risk management office. This poster is crosswalk between: Sarbanes Oxley, HIPAA, ISO 17799, COBIT 4.0, Payment Card Industry (PCI), GLBA, NERC standards CIP and PIPEDA (Canada)

  2. Contingency plan templates created by can jump start HIPAA, Sarbanes Oxley (SOX), FISMA, ISO 17799 and many other regulations/standards contingency plan project which includes risk assessment, business impact analysis (BIA), business continuity plan (BCP), disaster recovery program (DRP), emergency mode operation plan (EMOP), data backup plan, testing and revision procedures and many other projects. These templates can also be used by IT departments of different companies, security consulting companies, manufacturing company, servicing companies, financial institutions, educational organizations, law firms, pharmaceuticals & biotechnology companies, telecommunication companies and others. Any organization large or small can use these templates.

  3. Your site seems to have some cool stuff. I like the bit about Tim Minahan. I’m looking for information on the areas below as I’m trying to get a holistic view on this.

    Database Threat Monitoring
    SOX Compliance
    Log Management

    I feel that there is too much ‘Golden Joystick’ awards and lots of attention paid to them but not any to the nitty gritty of the internet. theotherthomasotter have pointed out some great areas that I want to look into. As such please email me at
