REVIEW: "Beyond Sarbanes-Oxley Compliance", Anne M. Marchetti

  • Rob, grandpa of Ryan, Trevor, Devon & Ha
    Message 1 of 1, May 24, 2007
      BKBYNSOX.RVW 20070228

      "Beyond Sarbanes-Oxley Compliance", Anne M. Marchetti, 2005,
      0-471-72626-5, U$49.95/C$64.99/UK#27.95
      %A Anne M. Marchetti
      %C 5353 Dundas Street West, 4th Floor, Etobicoke, ON M9B 6H8
      %D 2005
      %G 0-471-72626-5
      %I John Wiley & Sons, Inc.
      %O U$49.95/C$64.99/UK#27.95 416-236-4433 fax: 416-236-4448
      %O http://www.amazon.com/exec/obidos/ASIN/0471726265/robsladesinterne
      %O http://www.amazon.ca/exec/obidos/ASIN/0471726265/robsladesin03-20
      %O Audience i- Tech 1 Writing 1 (see revfaq.htm for explanation)
      %P 271 p.
      %T "Beyond Sarbanes-Oxley Compliance"

      Part one deals with the basic level of compliance, ensuring that a
      company is not in contravention of the Sarbanes-Oxley (SOX) act.
      Chapter one is an overview of the US law. More detail on sections
      302, 404, and 409 of the act, and the implications thereof, is
      provided in chapter two. Factors affecting the initial, rudimentary
      level of compliance are discussed in chapter three, but the material
      is somewhat disorganized. Chapter four defines a number of terms
      relating to control deficiencies, and outlines a six-step "path" to
      compliance (which is based upon general project management stages).

      Part two moves from the fundamental compliance level to a process
      involving ongoing maintenance and monitoring. Chapter five examines
      the success (and failure) factors for change management, and this time
      promotes a five-step project cycle, which is extended and detailed in
      chapter six. The audit function is reviewed, in chapter seven, mostly
      regarding independence between auditors and the audited. Other
      matters relating to ensuring compliance on an ongoing basis are noted
      in chapter eight.

      Part three suggests that companies move beyond regarding mere
      requirements for compliance to process improvement, the topic of
      chapter nine. The remaining chapters, although seemingly included in
      this part of the book, have little to do with process improvement as
      such: ten explores the International Financial Reporting Standard
      (IFRS), eleven notes SOX requirements for companies not under the
      jurisdiction of the United States, and twelve looks at initiatives
      from the financial services industry, such as Basel II.

      In the earlier "Beyond COSO" (cf. BKBECOSO.RVW) Steven Root
      recommended that companies should implement internal controls as
      suggested by the Committee of Sponsoring Organizations of the Treadway
      Commission, but must also go beyond them, in a manner similar to the
      layered defence or defence in depth models. Marchetti's similar title
      would imply a comparable intent. Unfortunately, "Beyond Sarbanes-
      Oxley Compliance" is incomplete in its explanation of SOX, and does
      not provide much assistance in achieving minimal compliance, let alone
      moving beyond that level. For those with a rudimentary understanding
      of internal controls, this book does provide some additional
      background and a set of factors to consider, but not much more.

      copyright Robert M. Slade, 2007 BKBYNSOX.RVW 20070228

      ====================== (quote inserted randomly by Pegasus Mailer)
      rslade@... slade@... rslade@...
      I don't use drugs; my dreams are frightening enough - Escher

      Dictionary of Information Security www.syngress.com/catalog/?pid=4150