Chapter 9. Security, Controls, and Privacy

David Deckter

Jeffrey Fisher

Security, controls, and privacy considerations are of paramount importance in financial system implementations. Scrutiny and regulatory oversight of the controls that should be in place to protect the confidentiality of information are increasing, ranging from Sarbanes-Oxley 302 and 404 to numerous state and federal mandates, and companies are feeling greater pressure to get these safeguards right. At the same time, they are feeling great pressure to reduce or contain costs, especially for risk and compliance management, which is often seen as adding limited value. It is in light of these two opposing forces, increased requirements and pressure to reduce costs, that we explore security, controls, and privacy in financial systems.

Impact of Sarbanes-Oxley on Financial Systems Implementations

Most corporate professionals have knowledge of, or have been impacted by, the Sarbanes-Oxley Act of 2002 (SOX) through their involvement in the business world. Through this involvement, it is clear that SOX has had a profound impact on many public companies. Prior to SOX, strong internal controls found within public companies most often were the result of: management reacting to, and trying to prevent, internal or external audit comments; the prevention of fraud; or management implementing specific internal control–focused departments. Once SOX was signed into law, management was required to take ownership of designing ...
