The Law of Unintended Consequences? Assessing the Costs, Benefits and Outcomes of the Sarbanes-Oxley Act Excerpted and reprinted from IS Audit & Control Journal, volume 1, 2004 (English)

INFORMATION SYSTEMS CONTROL JOURNAL

Document information

  • Title:
    The Law of Unintended Consequences? Assessing the Costs, Benefits and Outcomes of the Sarbanes-Oxley Act Excerpted and reprinted from IS Audit & Control Journal, volume 1, 2004
  • Journal / Series:
  • Volume:
    6
  • Page:
    5-6
  • Publisher:
    INFORMATION SYSTEMS AUDIT AND CONTROL ASSOCIATION
  • Year of publication:
    2009
  • Size:
    2 pages
  • ISSN:
  • Type of media:
    Article (Journal)
  • Type of material:
    Print
  • Language:
    English
  • Classification:
    DDC:    657.4550285

Table of contents – Volume 6

Tables of content are generated automatically and are based on records of articles contained that are available in the TIB-Portal index. Due to missing records of articles, the volume display may be incomplete, even though the whole journal is available at TIB.

5
Editorial - Issues & Comments
Cangemi, Michael | 2006
5
Editorial - Issues & Comments - Editor in Chief Michael P Cangemi, CISA, CPA, discusses the influence technology, the rise of Internet use and business changes in general have had on both fashion trends and web use by women. He also talks about the age-old scandals encountered by Wall Street.
Cangemi, Michael P. | 2000
5
Guest Editorial: You Can't Outsource Control
Zarrella, Edge | 2008
5
The Law of Unintended Consequences? Assessing the Costs, Benefits and Outcomes of the Sarbanes-Oxley Act Excerpted and reprinted from IS Audit & Control Journal, volume 1, 2004
| 2009
5
Guest Editorial: Breaking the Coconut
Penri-Williams, Hugh H. | 2007
5
Issues & Comments
Cangemi, Michael | 2002
5
Editorial - Issues & Comments - Examines the future of electronic commerce, calling it a bright future, despite the recent downturn in the IT industry. He goes on to call business professionals not to lose sight of the opportunities the Internet presents to reinvent business models.
Cangemi, Chief Michael | 2001
7
Connections Galore!
Sethuraman, S. | 2009
8
IS Security Matters: There Oughta Be a Law
Ross, S. J. | 2006
9
IS Security Matters: Standard Deviation
Ross, Steven J. | 2005
9
IS Security Matters - Who Needs Information Security?
Ross, Steven J. | 2003
9
IS Security Matters: I'm Not the Sheriff
Ross, Steven | 2007
9
Who Needs Information Security?
Ross, S. J. | 2003
9
Security Provisioning: Managing Access in Extended Enterprise
Oliver, D. J. | 2002
9
IS Security Matters: Certification and the Disappearing Perimeter
Ross, Steven J. | 2008
9
IS Security Matters - Eternal Truth and the Next New Thing - Steven J Ross, CISA, examines the security issues and practices that are growing in complexity and importance as a result of the emergence of ecommerce. Specifically, he makes a case for basing information security with change as its constant underpinning.
Ross, Steven J. | 2000
9
IS Security Matters - Frameworkers of the World, Unite
Ross, Steven J. | 2004
9
Netspionage: The Global Threat to Information
Lambert, M. | 2001
9
Frameworkers of the World, Unite
Ross, S. J. | 2004
9
Eternal Truth and the Next New Thing - The security issues and practices that are growing in complexity and importance as a result of the emergence of ecommerce. Specifically, he makes a case for basing information security with change as its constant underpinning
Ross, S. J. | 2000
9
Book Reviews - Security Provisioning: Managing Access in Extended Enterprise
Oliver, Derek J. | 2002
10
Data Plumbing?
Ross, S.J. | 2009
10
Book Reviews - Security Audit and Control Features SAP® R/3®: A Technical and Risk Management Reference Guide
Christodoulides, Michael | 2002
10
Security Audit and Control Features SAP® R/3®: A Technical and Risk Management Reference Guide
Christodoulides, M. | 2002
12
IT Audit Basics: What Every IT Auditor Should Know About Auditing Virtual Machine Technology
Singleton, Tommie W. | 2008
12
IT Audit Basics: What Every IT Auditor Should Know About Identity Theft
Singleton, T. W. | 2006
12
Privacy Parts
Ross, S. | 2002
12
IS Security Matters - Privacy Parts
Ross, Steven | 2002
13
IT Audit Basics: Computer Forensics: An Overview
Gallegos, Frederick | 2005
13
Managing the Audit Function: A Corporate Audit Department Procedures Guide, 3rd Edition
McMinn, J. / Simon, M. | 2003
13
Virtual Private Infrastructure
Ross, S. J. | 2001
13
IT Audit Basics: The COSO Model: How IT Auditors Can Use It to Evaluate the Effectiveness of Internal Controls
Singleton, Tommie | 2007
13
Educating the Masses: Audit, Control and Security of Information Systems Today and Tomorrow
Gallegos, F. | 2004
13
Management Guidelines for COBIT - What Management Guidelines provides the user: Guidelines that are critical in providing the tools for management to use in a focused manner to link IT governance to enterprise governance
Roussey, R. S. | 2000
13
Perspective - Management Guidelines for COBIT - This article describes what Management Guidelines provides the user: Guidelines that are critical in providing the tools for management to use in a focused manner to link IT governance to enterprise governance.
Roussey, Robert S. | 2000
13
IT Audit Basics - Educating the Masses: Audit, Control and Security of Information Systems Today and Tomorrow
Gallegos, Frederick | 2004
13
IS Security Matters - Virtual Private Infrastructure - Examines the security concerns that arise with the advent of the virtual private infrastructure, the use of personal-home computers by employees for business purposes.
Ross, Steven J. | 2001
14
Standards, Statements, Guidelines - ISACA Member and CISA Compliance
| 2002
15
What Every IT Auditor Should Know About IT Risk Assessment
Singleton, T.W. | 2009
15
Auditor's Risk Management Guide-Integrating Auditing and ERM
Sarathy, E. | 2003
15
When IT Lets the Business Down - A summary of remarks made by ISACA/F International President Paul A. Williams at the International Conference 2000
Williams, P. A. | 2000
15
Perspective - When IT Lets the Business Down - A summary of remarks made by ISACA-F International President Paul A. Williams at the International Conference 2000.
Williams, Paul A. | 2000
16
Book Review: Phishing and Countermeasures: Understanding the Increasing Problem of Identity Theft
Kanhere, Vishnu | 2008
17
The IT Dimension of Basel II
Guldentops, E. | 2004
17
Book Review: IT Risk: Turning Business Threats Into Competitive Advantage
de la Fuente, Reynaldo J. | 2008
17
IT Governance - "To Be, or Not To Be" -- The Question of Runaway Projects
Sarup, Deepak | 2003
17
IT Governance - The IT Dimension of Basel II
Guldentops, Erik | 2004
17
"To Be, or Not To Be"-The Question of Runaway Projects
Sarup, D. | 2003
17
Surfing @ the Razor's Edge: Governance and Managing Change
Sarup, D. | 2002
17
Standards, Statements, Guidelines - Standards and guidelines for maintaining compliance for both ISACA membership and the CISA designation are outlined and the status of ISACA issuances noted.
| 2001
17
IT Governance - Surfing @ the Razor's Edge: Governance and Managing Change
Sarup, Deepak | 2002
17
Book Review: Making IT Governance Work in a Sarbanes-Oxley World By Jaap Bloem, Menno Van Doorn and Piyush Mittal
de la Fuente, R. J. | 2006
18
Global Perspectives: Privacy for the Individual-A Reserve Bank of India Initiative
Chaudhuri, A. P. / Sinha, A. | 2006
18
IT Value: Practical Guidance on Establishing the Val IT Value Governance Process
Harries, Sarah / Harrison, Peter | 2008
18
Standards, Statements, Guidelines - ISACA® Member and Certification Holder Compliance
| 2007
19
Plus - HelpSource Q & A
Lilly, Fred | 2001
19
IT Governance: The Rule of Four of IT Governance
Guldentops, Erik | 2007
19
Global Perspectives
Ong'ondt, Dismas / Stewart-Rattray, Jo / Coe, Martin J. | 2005
19
Survivability Strategies for the Next Generation Network
Huang, S. | 2006
19
Plus - Technical Q & A, Helpsource
Lilly, Fred L. | 2000
19
Security, Audit and Control Features SAP® ERP, 3rd Edition
Kammermeier, P. | 2009
20
Five Questions With...
Pecora, Antonio F. | 2008
20
Maintaining IT Audit Proficiency-The Role of Professional Development Planning
Gallegos, F. | 2002
20
IT Audit Basics - Maintaining IT Audit Proficiency -- The Role of Professional Development Planning
Gallegos, Fred | 2002
20
Identify, Govern and Manage IT Risk Part 3: Techniques and Uses for Risk IT and Its Supporting Materials
Fischer, U. | 2009
21
Information Technology Auditing and Cybercommerce: A Risk Perspective
Pathak, Jagdish | 2004
21
COBIT Online Goes Live
Guldentops, Erik | 2003
22
IT Governance: Taking Governance Forward
Stachtchenko, Patrick | 2008
22
Expert Consensus on the Top IT Controls for a Small Business
Busta, B. / Portz, K. / Strong, J. / Lewis, R. | 2006
23
IT Governance Perspective - IT Governance Can Help Guide Business eCommerce Initiatives - This article explains that with each technological advancement comes a corresponding vulnerability or security concern. Enterprise managers are called to the task to balance IT benefits, risks and controls. This article sheds light on how to create the balance.
Lainhart IV, John W. | 2000
23
IT Governance Can Help Guide Business eCommerce Initiatives - This article explains that with each technological advancement comes a corresponding vulnerability or security concern. Enterprise managers are called to the task to balance IT benefits, risks and controls. This article sheds light on how to create the balance
Lainhart, J. W. | 2000
23
IT Value: New IT Is Not Just for Christmas
Tiernan, Chris | 2007
23
IT Governance - Corporate Governance and ICT: A Marriage of Reason - Discusses the importance of viewing information and communication technologies as an integral part of the corporate strategy. Further, he describes what is necessary to apply the IT governance concept to the organization.
Bourdariat, Jean | 2001
23
Corporate Governance and ICT: A Marriage of Reason
Bourdariat, J. | 2001
24
Cloud Computing: An Auditor's Perspective
Gadia, S. | 2009
24
Accounting for Value and Uncertainty in Security Metrics
Axelrod, C.Warren | 2008
25
Commentaries - COBIT 3rd Edition Usage Survey: Growing Acceptance of COBIT
Guldentops, Erik / Haes, Steven De | 2002
25
Commentary - Wise Wireless: Securing the WLAN
Bindseil, James | 2003
25
COBIT 3rd Edition Usage Survey: Growing Acceptance of COBIT
Guldentops, E. / De Haes, S. | 2002
25
Book Review: Managing Enterprise Information Integrity: Security, Control and Audit Issues
Chuluunbaatar, Sod | 2005
25
IT Value: The Birth of Val IT
| 2006
25
Book Review: 7 Steps to Better Written Policies and Procedures
Page, Stephen / Chatterjee, Soumen | 2007
25
Wise Wireless: Securing the WLAN
Bindseil, J. | 2003
25
Book Review: 7 Steps to Better Written Policies and Procedures By Stephen Page
Chatterjee, S. | 2007
26
Book Review: Essentials of Strategic Project Management
Chua, Joyce | 2006
27
IT Governance: Enterprise Governance and the Role of IT
Hamaker, Stacey / Hutton, Austin | 2006
27
Book Review: ISO 9001:2000-The Quality Management Process By Ray Tricker
Rafeq, A. | 2007
27
Features - A Question of Value - Determining the value of e-business in the banking sector, so that it can be a positive sum rather than a zero sum, often depends on an assessment and executive endorsement of the preliminary business model. This article goes into further detail.
Sarup, Deepak | 2000
27
Commentary - Investing in Security -- Do Not Rely on FUD
Tongia, Rahul / Jain, Kanika | 2003
27
Identity Theft and Corporations' Due Diligence
Olatilu, O. | 2006
27
XBRL-How the West Was Won
Zonneveld, P. A. | 2001
27
On Security Education, Training and Certifications
Ryan, Julie J.C.H. / Schou, Corey D. | 2004
27
An Exploration of Global Perceptions of Security and Privacy
Gerdes, Michael | 2002
27
Perspective - XBRL -- How the West Was Won - The author discusses the role XBRL (Extensible Business Reporting Language) will play in the future of electronic business.
Zonneveld, Paul A. | 2001
27
Book Review: ISO 9001:2000 -- The Quality Management Process
Tricker, Ray / Rafeq, A. | 2007
27
Investing in Security-Do Not Rely on FUD
Tongia, R. / Jain, K. | 2003
27
A Question of Value - Determining the value of e-business in the banking sector, so that it can be a positive sum rather than a zero sum, often depends on an assessment and executive endorsement of the preliminary business model
Sarup, D. | 2000
27
An Exploration of Global Perceptions of Security and Privacy
Gerdes, M. | 2002
28
Y2K Silver Lining-Overblown or Extremely Well Managed?-Solving Year 2000
Parker, R. G. | 2000
28
Features - Y2K Silver Lining -- Overblown or Extremely Well Managed? -- Solving Year 2000 - This author discusses the value of added practices gleaned from the Y2K phenomenon and provides a roadmap to retain them.
Parker, Robert G. | 2000
29
How to Preserve Security and Autonomy While Meeting Information-sharing Directives
Schumacher, S. | 2009
30
Important, But Often Dismissed: Internal Control in a Microsoft Access Database
White, J. H. | 2006
30
Implementing, Automating and Validating Controls for Privileged Users in Healthcare Organizations
Traverse, Cheryl | 2008
30
Perspective - When Code Red Attacks: Addressing Real Vulnerabilities Behind Virus Hysteria - The attack of the Code Red worm demonstrates the vulnerability of the current Internet infrastructure. The authors discuss the big picture of malicious code and the vulnerabilities it exposes.
Burnette, Mark / Gomez, Claudia | 2001
30
The New World of Risk-based Regulation (Part 1)
Micallef, Mario | 2007
30
When Code Red Attacks: Addressing Real Vulnerabilities Behind Virus Hysteria
Burnette, M. / Gomez, C. | 2001
31
IT Audit Independence: What Does It Mean?
Gallegos, F. | 2003
31
IT Audit Basics - IT Audit Independence: What Does It Mean?
Gallegos, Fred | 2003
32
Best Practices for Establishing an Effective Workplace Policy for Acceptable Computer Usage
Nolan, John | 2005
32
Features - Improving the Cost-Effectiveness of a Test Suite for User Acceptance - The authors elucidate ways for improvement since user acceptance tests are often conducted using blind box methods because these are based on formal specifications when most commercial specifications are written in an informal manner. The authors describe these pitfalls and suggest ways to avoid them.
Yu, Yuen Tak / Tang, Sau Fun / Poon, Pak Lok / Chen, Tsong Yue | 2000
32
Commentaries - Control and Governance Maturity Survey: Establishing a Reference Benchmark and a Self-assessment Tool
Guldentops, Erik / Grembergen, Wim Van / Haes, Steven De | 2002
32
Improving the Cost-Effectiveness of a Test Suite for User Acceptance Tests
Yu, Y. T. / Tang, S. F. / Poon, P. L. / Chen, T. Y. | 2000
32
Control and Governance Maturity Survey: Establishing a Reference Benchmark and a Self-assessment Tool
Guldentops, E. / Van Grembergen, W. / De Haes, S. | 2002
33
Patch Management: An Effective Line of Defense for UNIX and Linux
Andrew, Chris | 2003
33
COBIT: An Ideal Tool for Teaching Information Security Management
Pattinson, Malcolm | 2004
33
How Has Sarbanes-Oxley Compliance Affected Information Security?
Spears, J.L. | 2009
33
Standards, Statements, Guidelines - ISACA® Member and Certification Holder Compliance
| 2008
33
Patch Management: An Effective Line of Defense for UNIX and Linux
Andrew, C. | 2003
35
Is the IT Risk Worth a Control? Defining a Cost-value Proposition Paradigm for Managing IT Risks
Sathiyamurthy, Sudhakar | 2008
35
COBIT 4.0: The New Face of COBIT
Hardy, Gary / Guldentops, Erik | 2006
35
Living With Risk
Pareek, M. | 2006
35
The Center for Internet Security: Global Security Benchmarks for Computers Connected to the Internet
Kreitner, C. / Miuccio, B. | 2001
35
Features - The Center for Internet Security: Global Security Benchmarks for Computers Connected to the Internet - The members of the Center for Internet Security (CIS) develop technical security benchmarks through a global consensus process that brings together industry, government, academia and consultants. Their primary objective is widespread adoption of the benchmarks to improve Internet security worldwide.
Kreitner, Clint / Miuccio, Bert | 2001
36
Preparation Is the Key Ingredient to a Successful SIM
Emmett, Mark D. | 2007
36
The Importance of Event Correlation for Effective Security Management
Caldwell, Matthew | 2002
37
Utilization of Generalized Audit Software in an Information Systems Auditing Course
McCombs, Gary B. / Sharifi, Mohsen | 2004
37
Case Study - Getting Action on Audit Results
Sparks, Harry A. | 2003
37
Getting Action on Audit Results
Sparks, H. A. | 2003
37
Achieving Continuous IT Auditing: RICA
Johnstone, D. / Wong, E.C.Y. | 2009
38
Features - The State of Enterprise Security Management - In this interview, Reed Harrison, chief technology officer, e-Security, Inc., provides his understanding of enterprise security management and its importance.
Judge, Joe | 2001
38
The State of Enterprise Security Management
Judge, J. | 2001
39
Application Risk in a TCP/IP Environment
Harrison, Robert M. | 2002
39
Features - Information Systems Auditing in Developing Economies -- The Bosnian Challenge - Written by an auditor in the US Federal Government, the author systematically describes firsthand the challenges of building information auditing functions in a war-torn country.
Buxton, Brian M. | 2000
39
Identity Theft: A New Frontier for Hackers and Cybercrime
Cilli, Claudio | 2005
39
New Identity Theft Regulations
Gonzalez, Silka | 2008
39
Information Systems Auditing in Developing Economies-The Bosnian Challenge
Buxton, B. M. | 2000
39
ISACA Model Curriculum 2004: Continuing to Invest in the Future
Lord, Alan T. / Gallegos, Frederick | 2004
39
From CSI to the Classroom: Developing A Computer Forensics Degree Program
Staley, A. B. / Inch, S. / Shapeero, M. | 2006
41
Large-scale Biometric Management: A Centralized, Policy-based Approach to Reducing Organizational Identity Chaos
Byrne, Jim | 2003
41
Security Within VoIP Networks
Ramirez, David | 2007
41
Assessing Data Authenticity with Benford's Law
Hasan, Bassam | 2002
42
Understanding Virtual Organizations
Pang, L. | 2001
42
Security and Privacy Trade-offs in RFID Use
Srinivasan, S. | 2009
42
Issues With Auditing the Systems Development Process
Henderson, Dave | 2008
42
Features - Understanding Virtual Organizations - This article examines the concepts, technologies and issues surrounding virtual organizations (VO) with a knowledge management (KM) perspective. It identifies foundational concepts, surveys KM technologies that support VOs and looks at case studies of VOs in the private and public sector.
Pang, Les | 2001
42
Building an Educational Response to Terrorism: A Multifaceted Problem, A Multidimensional Response
Maconachy, William V. / Schou, Corey / Frost, James / Springer, John | 2004
43
Transitioning IT From a Compliance to a Value-driven Enterprise Using COBIT
Lawton, Robert | 2007
43
Procedure Guidelines and Controls Documentation: SDLC Controls in CobiT® 4.0
Basham, R. | 2006
44
Web Application Security
Stasiak, Ken | 2002
44
Security and Ownership of Personal Electronic Devices
Bassett, Richard A. / Mack, Rita / Foster, Jason / Swiation, Andrew | 2005
44
Comercio Electronico-La Nueva Perspectiva de Los Negocios
Gonzalez, M. H. | 2000
44
Features - Comercio Electronico -- La Nueva Perspectiva de Los Negocios - The companion piece to this article, printed in English, is posted on the ISACA web site.
González, Marcelo Héctor | 2000
45
How Does the Business Drive IT? Identifying, Prioritising and Linking Business and IT Goals
Grembergen, Wim Van / Haes, Steven De / Brempt, Hilde Van | 2007
46
Privacy Is in the Eye of the Beholder
Schreider, Tari | 2003
46
Monitoring Privileged Application Users in Oracle Applications Environment
Hare, Jeffrey T. | 2008
47
A Survey of Application Security in Current International Standards
Greene, Fredric | 2002
47
The Rising Impact of Virtual Machine Hypervisor Technology on Digital Forensics Investigations
Bates, P. | 2009
48
A Wake Up Call to All Information Security and Audit Executives: Become Business-relevant
Taylor, Patrick | 2004
48
Features - Risk Management for Internet Banking - Many banks have assumed that Internet banking primarily increases information security risks and have not sufficiently focused on the effect on other banking-specific risks. This article provides an overview of the various risks that are heightened with Internet banking and a holistic approach to managing these risks.
Ramakrishnan, Ganesh | 2001
48
Risk Management for Internet Banking
Ramakrishnan, G. | 2001
49
Identity Management: A Business Strategy for Collaborative Commerce
Ahuja, Jay | 2003
49
Features - Secure Electronic Transaction (SET) Protocol - SET, as the name implies, is a standard which ensures that credit card associated payment order information travel safely and securely among various parties on the Internet.
Ramakrishnan, Ganesh | 2000
49
Technology as the Relationship Doctor for Business: Understanding Business Relationships Within an Organizational Hierarchy Framework
Moseley, Marty | 2007
50
Internal Cyberforensics
Bakshi, Sunil | 2005
50
Applying Testing to Requirements Inspection for Software Quality Assurance
Chen, T. Y. / Poon, P.-L. / Tang, S.-F. / Tse, T. H. / Yu, Y. T. | 2006
51
Business Process Management Systems: The Internal Control Perspective
Natovich, J. | 2009
51
The Institutional Need for Comprehensive Auditing Strategies
Milus, Stu | 2004
52
Plus - CPE Quiz #73. Based on Volume 4, 2000, Operating and Manufacturing Systems
Oringel, Joey | 2000
52
Analysis of FFIEC Guidance: Technologies and Decisions on Authentication
Felker, Mikhael | 2007
52
Black Box Testing: Its Fundamental Concepts and Problems
Poon, Pak-Lok | 2008
52
Features - Intrusion, Attack, Penetration -- Some Issues - B2B, B2C and Internet-based e-commerce transactions, hosting vertical portals and Internet banking have come of age and are facing serious threats of attack, penetration or intrusion. What makes a system vulnerable to attack? What protective mechanisms can be built and put in place?
Mahadevan, Chidambaram | 2001
52
Intrusion, Attack, Penetration-Some Issues
Mahadevan, C. | 2001
52
HelpSource Q & A
Lilly, Fred | 2002
54
COBIT's Management Guidelines Revisited: The KGIs-KPIs Cascade
Grembergen, Wim Van / Haes, Steven De | 2005
54
An Introduction to Cryptography
Piper, Fred | 2003
54
Standards, Statements, Guidelines - Procedures to maintain compliance for both ISACA membership and CISA designation are outlined and the status of ISACA issuances is noted.
| 2000
55
CPE Quiz #85, based on volume 4, 2002
Oringel, Joey | 2002
57
Help Source - Help Source Q&A
Ganapathi Subramaniam, B. | 2004
58
Plus - CE Quiz #79, Based on Volume 4, 2001
Oringel, Joey | 2001
59
CPE Quiz - CPE Quiz #97, based on volume 4, 2004
Oringel, Joe | 2004
59
CPE Quiz #121 - Based on Volume 4, 2008
Khan, Kamal | 2008
59
CPE Quiz #115 - Based on Volume 4, 2007
Rafeq, A. | 2007
59
CPE Quiz #103 - Based on Volume 4, 2005
Rafeq, A. | 2005
62
Security in the Land Down Under
Ford, Stephen | 2003
67
CPE Quiz #91, based on volume 4, 2003
Oringel, Joe | 2003
ISACA Bookstore - ISACA Bookstore Price List Supplement
| 2004
ISACA Bookstore Price List Supplement
| 2003
Plus - ISACA Bookstore Price List Supplement
| 2000
Plus - ISACA Bookstore Price List Supplement
| 2001
