SOX Me, Baby - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Software // Enterprise Applications
Commentary
11/18/2004
06:48 PM
50%
50%

SOX Me, Baby

If you work in the IT department of a publicly-traded company, you're probably familiar with Sarbanes-Oxley. If the very sight of that name causes an annoying facial tic and makes you want a cigarette, and if your company also happens to use open-source software, we need to talk.

If you work in the IT department of a publicly-traded company, you're probably familiar with Sarbanes-Oxley. If the very sight of that name causes an annoying facial tic and makes you want a cigarette, and if your company also happens to use open-source software, we need to talk.

For the blissfully ignorant, Sarbanes-Oxley is the government's response to the wave of Enron-esque corporate accounting scandals a few years ago. The law (colloquially known as SOX) imposes strict new reporting and accountability requirements on publicly-traded companies. This includes not just financial reports and regulatory filings, but also, in practice, every business process and system that affects the integrity of the data used to produce those reports. And this very definitely includes a firm's IT operations: From software and servers to networking and storage systems, if financial data moves into, onto, from, or through it, you can bet a firm's internal SOX auditor will take an interest in it.

Those auditors have one goal in mind: to ensure that a firm can pass a real-life government SOX audit. They are looking for problems that could get a company delisted or land its executives in jail. They have no sense of humor, they do not want to hear excuses, and you're best advised not to let them hear you talking about cathedrals, bazaars or the "community" that built your firm's database server.

Some people have questioned whether these drill instructors in pinstripes would take one look at open-source software, realize what it's all about, and start throwing around pink slips like confetti in a victory parade. Earlier this year, for example, analyst and occasional Linux Pipeline contributor Rob Enderle took an extremely skeptical view of whether open-source software could survive an internal SOX audit.

For many IT departments affected by SOX, a key compliance deadline (the cleverly-named "Section 404") passed this week. It seems to me that if the worst-case scenario had come to pass, we would have noticed all of those Fortune 500 dumpsters piled high with open-source products. Even so, there might have been some interesting, if less dramatic, encounters between IT departments using open-source software, zealous SOX auditors, and corporate executives eager to avoid a free trip to Club Fed.

Please note: I'm not asking anyone to spill the actual contents of their firm's internal auditor report. That, too, will get you a bunk next to Martha Stewart--cruel and unusual punishment, indeed.

So, do you work for a firm that got SOXed this year? Do you have stories or opinions to share about the relationship between SOX and open-source software in your company? Drop me a line, I'm dying to hear all about it. If you'd rather keep your name and your company out of it, just let me know.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
News
Top 10 Data and Analytics Trends for 2021
Jessica Davis, Senior Editor, Enterprise Apps,  11/13/2020
Commentary
Where Cloud Spending Might Grow in 2021 and Post-Pandemic
Joao-Pierre S. Ruth, Senior Writer,  11/19/2020
Slideshows
The Ever-Expanding List of C-Level Technology Positions
Cynthia Harvey, Freelance Journalist, InformationWeek,  11/10/2020
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
Why Chatbots Are So Popular Right Now
In this IT Trend Report, you will learn more about why chatbots are gaining traction within businesses, particularly while a pandemic is impacting the world.
Slideshows
Flash Poll