PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
November 2005

Layer 8: SOX security spending is an old, wrinkled tactic

Those who have used the law to justify their infosecurity projects must answer for their spending. I recall a college philosophy course that had us wrestle with the question, "Does it pay to be ethical?" Perhaps a more current rephrasing of the inquiry would be, "Does it pay to be SOX-compliant?" The answer depends on not just ethical considerations, but also political and economic factors. If the sole purpose of the Sarbanes-Oxley Act is to prevent another Enron/Tyco/WorldCom debacle, then everything being asked of IT is a waste of time. If SOX is purely a political measure designed to ensure the re-election of congressmen, then it's obviously a waste of IT's budget. But if the purpose of SOX is to improve revenue for the auditing firms, then it has been a resounding success. The last several centuries of capitalism demonstrate that an independently verified level of transparency and governance is beneficial to investors and other stakeholders. Although national legislation and enforcement is a messy and imprecise instrument, ...

Access this PRO+ Content for Free!

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Features in this issue

Columns in this issue