SOX乐事:萨班斯-奥克斯利法案及服务型架构为何大快人心 The Joy of SOX :
点此进入淘宝搜索页搜索分類: 图书,进口原版书,科学与技术 Science & Techology ,
作者: Hugh Taylor 著
出 版 社: 吉林长白山
出版时间: 2006-12-1字数:版次: 1页数: 283印刷时间: 2006/04/01开本:印次:纸张: 胶版纸I S B N : 9780471772743包装: 平装内容简介
The Sarbanes-Oxley Act (SOX) was passed in 2002 in response to a series of high-profile corporate scandals and requires that public companies implement internal controls over financial reporting, operations, and assets; these controls depend heavily on installing or improving information technology and business methods
Written by one of the most visible personalities on the tech-biz side of the SOX discussion, this highly readable, engaging book provides a clear road map for integrating SOX compliance into the fabric of everyday IT infrastructure and business practice
Shows the reader how to leverage and use service-oriented architecture (SOA), a set of technologies that enables interoperation of heterogeneous computer systems, to achieve the level of internal controls over IT that SOX mandates
作者简介
Hugh Taylor is Vice President of Marketing at SOA Software, the leading provider of management and security solutions for enterprise service-oriented architecture. He is the co-author, with Eric Pulier, of Understanding Enterprise SOA (Manning, 2005). The author of more than a dozen articles and papers on the subject of web services and service-oriented architecture, Taylor is an authority on business process management, SOA, and compliance issues. Taylor received his B.A. degree, Magna Cum Laude from Harvard College in 1988 and his M.B.A. degree from Harvard Business School in 1992. He lives in Los Angeles.
目录
Acknowledgements
Introduction
Part 1: The SOX Paradox
Chapter 1: The Trouble with DexCo
The Curse of the Adequate Performer
A Functioning Mess
Financials
Hidden Time Bombs
Summary
Chapter 2: Agility: The Do or Die Mandate
New Blood, New Operating Environment
Moving Targets
Partnerships
Rapid Market Cycles
Technology Shifts
M&A
Retail Consolidation
Regulatory Shift
Betting the Company
Outsourcing
Agility for DexCo
The Wilde Plan
Summary
Chapter 3: Ramifications of SOX 404
SOX 404—Definition and Context
SOX 404 and the Audit Process
COSO at DexCo
Control Objectives
Control Components
Control Environment
Risk Assessment
Control Procedures
Information and Communication
Monitoring
Why Linda Is Freaking Out
Summary
Chapter 4: Between SOX and a Hard-Coded Place
Internal Controls and Business Processes
Internal Controls and Information Technology
Control Points
Interdependent Controls
The FAST Track to a Control Breakdown
Broken Control Points
Summary
Chapter 5: Commit to COBIT?
This Is a High Stakes Game
Strong Medicine: COBIT
COBIT: Where IT Enables Controls
Components of COBIT
COBIT and Sarbanes Oxley
COBIT in Depth: The DS 11 Process
Control Statements
Key Goal Indicators
Key Performance Indicators
Critical Success Factors
Maturity Models
Implications of DS 11’s Maturity Scale
Summary
Chapter 6: COBIT for Mere Mortals
The 80/20 Heat Map
COBIT Implementation
Finding the Hot Areas for COBIT
Deep Dive—Maturity of COBIT in a Hot Area
Deeper Dive—COBIT Issues for a Specific Function
Deep Dive—Circle Back to COSO
COBIT and People
Paying the Tab for COBIT
DexCo’s Next Steps on COBIT
Summary
……
Part II: Thinking Outside the SOX
Part III: Actually Doing It—For Real
Appendix A: Glossary
Appendix B: Resources
Bibliography
Reports and White Papers
Index
