The solution is to accept the reality that SOX is here to stay, and that corporate and IT governance are best integrated in a common or consistent framework. The sooner organizations adopt such an approach, the better off they will be.
To learn more:
SOX refers to COSO and its Internal Integrated Control Framework as a method to achieve compliance.
The IT Governance Institute maintains COBIT.
The Information Technology Institute has a wealth of materials on COBIT and application of COBIT in SOX compliance.
Protiviti offers documents regarding audit practices and, in particular, an FAQ regarding SOX section 404 compliance.
This was first published in February 2006