Offers some links to white papers about Sarbanes-Oxley compliance efforts
I have been immersed in compliance research lately for a couple of white papers I’m writing. I’m learning a lot about what IT departments have to go through to meet certain standards.
I don’t want to seem self-promoting, but I do want to share this white paper I wrote, Meeting Sarbanes-Oxley Challenges with Distributed Systems Recovery Solutions from BMC Software®. As usual, registration required, but it’s quick and easy. Here’s an excerpt from the paper.
“Containing the costs associated with Sarbanes-Oxley
The estimates for the costs of compliance continue to go up. A two-year-old CFO Magazine survey indicated that companies estimated they would spend up to $500,000 on Sarbanes-Oxley compliance. The Financial Executives International (FEI) organization surveyed 217 public companies with average revenues of $5 billion in March of 2005 and asked them to gauge their Section 404 compliance costs. FEI said that 404 compliance averaged $1.34 million for internal costs, $1.72 million for external costs and $1.30 million for auditor fees, for a total of $4.36 million. Other studies estimate that companies are spending even more money on compliance. The Johnsson Group, a Chicago consulting firm, estimates Sarbanes-Oxley will add $3 million to $8 million in annual compliance costs for Fortune 500 companies. (Source: Kahn, Jeremy. ‘A Taste Of Success ; But the real test for Sarbanes-Oxley is still ahead’ Fortune September 1, 2003)
With these costs in mind, though, choosing the proper controls and procedures can help build an infrastructure that adds value to the entire IT organization. You can leverage the knowledge acquired during your analysis to build a solid, enterprise-wide platform of best practices that are also based in the laws of regulation.”
In progress is a second, follow-on white paper about how our DBAs use BMC tools to keep our Sarbanes-Oxley backup and recovery procedures running smoothly. It’s in review but I hope to complete it soon. I’ll post another URL once that’s completed.
Another white paper related to Sarbanes-Oxley compliance is Ronnie Daucherty’s Sarbanes-Oxley Compliance: Using BMC CONTROL-M Solutions for Operations Management. If you attended his seminar you probably got a copy of this but I’ll link to it here as well. Good information.
If you’re responsible for maintaining compliance, keep up the good work! After reading, research, and interviews, I do believe that those compliance controls help organizations run smoothly and that DBAs and admins can sleep at night knowing their backups and batch jobs are progressing as scheduled. From where you sit, how does the compliance effort look to you? Here’s hoping all the long work weeks and late nights are behind you when it comes to Sarbox audits and compliance.