All about IT Governance

Yes - if handled right.

What values does it add? It will definitely stabilize the environment and avoid outages.

If SOX is embedded into day-to-day operations, SOX does add value. For that matter, any mature and proven process does add value.

However, SOX ‘values’ starts becoming visible when you formalize the changes - Systems, People, Day-to-day processes and Auditors.  For example, if there is a clear ‘training’ checklist to follow when a new hire is welcomed into the operations team or an employee is terminated, it avoids a lot of unwanted surprises due to changes performed by a new hire.

In our experience, SOX has specifically avoided surprises - people tend to ask questions, figure the rational behind the ‘urgent needs’ and tend to move towards a repeatable task.

When can SOX not add value? When SOX is not embedded within the day-to-day operations or when SOX is handled as a separate process from the day-to-day operational tasks.

This entry was posted on Thursday, November 15th, 2007 at 3:55 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.