"Sarbanes-Oxley for Dummies", Jill Gilbert Welytok, 2006,
%A Jill Gilbert Welytok jgilbert@...
%C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8
%I John Wiley & Sons, Inc.
%O U$21.99/C$25.99 416-236-4433 fax: 416-236-4448
%O Audience i- Tech 1 Writing 1 (see revfaq.htm for explanation)
%P 364 p.
%T "Sarbanes-Oxley for Dummies"
The introduction states that this is an overview treatment of the
Sarbanes-Oxley (SOX) law and related regulations, avoiding in-depth
discussions but providing enough background for the reader to
understand key concepts, structure basic compliance, and predict major
future trends in the directives.
Part one gives a historical review of the rationale behind SOX.
Chapter one looks at loopholes in reporting before SOX, the political
climate behind the swift passage of SOX, and the basic requirements
under SOX. The financial scandals that gave impetus to the law, and a
review of the new restrictions from a slightly different perspective,
are in chapter two. Various (United States) securities laws, and the
specific SOX provisions, are listed in chapter three. Chapter four
gives a very brief outline of financial statements (without really
explaining how SOX will assist with reporting).
Part two addresses compliance with the new standards. Chapter five
notes that the accounting profession now has specific criteria to meet
in regard to auditing, rather than the previous self-regulation. The
Public Company Accounting Oversight Board (PCAOB) is described in
chapter six. Rules for audit committees are listed in chapter seven.
Chapter eight notes regulations for ensuring the independence of
boards of directors. Specific edicts for chief executive and
financial officers are noted in chapter nine. Chapter ten mentions
other new dictates for corporate management.
Particulars of audits according to section 404 are outlined in part
three. Chapter eleven looks at the meaning of "internal controls."
Roles and responsibilities for components of an audit are covered in
chapter twelve. Specific problems and items that will assist in the
audit process are in chapter thirteen.
Part four notes software tools, supposedly to help you either with
security program planning or compliance with SOX. Chapter fourteen
lists types of software and the tasks that can be assisted by
software. The tasks are not correlated with the types of software,
and there are actually only a couple of programs mentioned. Preparing
to use one specific program is described in chapter fifteen.
Part five looks to the future. Chapter sixteen looks at some of the
court cases in areas related to SOX. Chapter seventeen notes the
extension of SOX to activities that might be considered to be outside
its jurisdiction (including foreign companies).
Part six is the obligatory "Part of Tens," including ten ways to not
get sued, an equivalent number of tips for an audit committee, smart
management moves, things an auditor can't change after the audit, and
There is surprisingly little explanation about what SOX actually is
and requires. There is some background about the development of SOX,
but the key concepts, basic compliance, and prediction of future
trends are definitely missing. Since legal compliance issues are
likely of great significance to corporations, it is unlikely that this
book would be of much help to anyone.
copyright Robert M. Slade, 2007 BKSOXDUM.RVW 20070125