All over the globe, accounting- and technology-
Auditing Standard No. 2: "An Audit of Internal Control Over Financial Reporting Performed in Conjunction with an Audit of Financial Statements" (Effective June 17, 2004), http://www.pcaobus.org.
Committee of Sponsoring Organizations of the Treadway Commission, http://www.coso.org.
International Organization for Standardization, "ISO-Overview", February 2004, http://www.iso.org.
ISACA, (prior to January 1, 2006 was known as Information Systems Audit and Control Association), http://www.isaca.org.
IT Infrastructure Library, http://www.itil.co.uk.
IT Governance Institute, http://www.itgi.org.
IT Governance Institute, Board Briefing on IT Governance , 2nd ed. Rolling Meadows, IL, 2003. Copyright 2003 by the IT Governance Institute, http://www.itgi.org.
IT Governance Institute, CoBIT 4.0 , Rolling Meadows, IL, 2005. Copyright 2005 by the IT Governance Institute, http://www.itgi.org.
"NSA INFOSEC Assessment and Evaluation Methodologies", http://www.iatrp.com.
Soleil, Darcy, "Sarbanes Oxley Section 404 Compliance Tips for IT Managers," 2004, per ISACA SOX Forum listserv.
Soleil, Darcy, "Sarbanes Oxley Section 404 Compliance for IT Managers," Auditnet.org.
Software Engineering Institute, http://www.sei.cmu.edu.
The global nature of business and technology has long dictated a common understanding and support of standards, as demonstrated by the strategic partnerships of the
International Organization of Standardization
International Electrotechnical Commission
International Telecommunication Union
(ITU), and the
World Trade Organization
(WTO). Participation in these standards bodies has been voluntary, with a common goal of promoting global trading for all countries at all levels. Individual
Over the past
International Association of Internal
Despite numerous voluntary standards and guidelines in addition to regulatory
In the 1970s, the concern over internal controls related to financial reporting
By the mid-1980s, the savings and loan industry had
In 1991, Federal Deposit Insurance Corporation Act (FDICIA) was enacted for the banking industry as a response to the savings and loan collapse. It introduced upper-management accountability using sign-offs.
However, when Enron and other major corporations failed in 2001 and 2002, the U.S. government moved swiftly to enact the most extensive corporate