Comply! Resistance is futile

被引：3

作者：

Lazarides, Themistokles ^{[1
]}

机构：

[1] Department of Information Technology Applications Administration and Economy, Technological Institute of West Macedonia, Grevena

来源：

Information Management and Computer Security | 2007年 / 15卷 / 05期

关键词：

Corporate governance; Information systems; Organizations;

D O I：

10.1108/09685220710831080

中图分类号：

学科分类号：

摘要：

Purpose The goal of the paper is to detect any gaps in the legislator's and practitioner's approaches in information systems design and implementation and to evaluate their impact on an organizational and managerial level. Design/methodology/approach Basic information system requirements are presented for compliance with the Sarbanes-Oxley Act. These requirements are compared with the provisions made by the vendors (like SAP, Microsoft, etc.) to address the issues raised by the legislators and the OECD's corporate governance principles and guidelines to provide a holistic approach to the problem of corporate governance system alignment. Findings The questions raised by the author are: did the legislators encapsulate the real essence of the OECD principles and did the ES designers manage to fully cover the letter and the spirit of the law or find a legalist-normative solution to the problem of compliance (not alignment) with the laws and principles leading to a deviation from the original principles? It is shown that the latter is the case in a number of systems or modules designed to address the issue. Practical implications Practitioners, academics and developers-vendors may alter their perspective of how an information system is placed within the context of the firm. Originality/value A new approach in designing information systems is needed in order to comply with the new legal-regulatory framework and market needs. © 2007, Emerald Group Publishing Limited

引用

页码：339 / 349

页数：10

共 27 条

[1]

The Sarbanes-Oxley act form an IT perspective, leveraging Altiris solutions to support Sarbanes-Oxley compliance, (2004)

[2]

Burkart M., Gromb D., Panunzi F., Large shareholders, monitoring and the value of the firm, Quarterly Journal of Economics, 111, pp. 693-728, (1997)

[3]

Cuervo A., Corporate governance mechanisms: a plea for less code of good governance and more market control, Corporate Governance: An International Review, 10, 2, pp. 84-93, (2002)

[4]

Fisher D., The business process maturity model a practical approach for identifying opportunities for optimisation, Bearing Point, (2004)

[5]

HP ITSM and HP Open View: an approach to attaining Sarbanes-Oxley compliance, h20229, (2004)

[6]

Ease SOX requirements with IBS, (2006)

[7]

ITGI IT control objectives for Sarbanes-Oxley, (2006)

[8]

Keenan J., Aggestam M., Corporate governance and intellectual capital: some conceptualisations, Corporate Governance: An International Review, 9, 4, pp. 259-275, (2001)

[9]

Lahti C., Peterson R., Sarbanes – Oxley IT Compliance Using COBIT and Open Source Tools, pp. 31-56, (2005)

[10]

Lazarides T., Drimpetas E., Sariannidis N., The need for a new perspective in ES design, Proceedings of the 2nd European Conference on Information Systems Management, Leadership and Governance (ECMLG 2006), 12-13 July, pp. 131-138, (2006)

← 1 2 3 →