IT plays a central role in an enterprise's ability to comply with the Sarbanes-Oxley Act of 2002. To meet the act's regulations, IT managers must be proactive. Use this checklist to guide an organized approach to reaching and sustaining compliance.
- Initiate and maintain communication with others involved in Sarbanes-Oxley compliance efforts within your organization.
- Review all internal IT processes to ensure they can be audited and that all changes can be documented.
- Review record retention and data storage strategies and infrastructure.
- Evaluate nonstandard and standalone IT systems to ensure proper controls are in place.
- Determine, implement, and reevaluate as necessary the technology needed to comply with Sarbanes-Oxley and to sustain compliance going forward.
- Include operational transparency in the ongoing evaluation of new technology.
- Determine and implement best practices to the extent possible.