Login, change your address, subscribe to new or manage current magazines or e-newsletter subscriptions
IT World Events
Site Map - Affiliates
ComputerWorldNetwork WorldCIO CanadaCIO Canada Governments' ReviewJobUniverse Canada
Enter your  QUICKLINK number to go directly to that article.
Advanced Search
Knowledge Centres
Content Types
Featured White Papers
Unlock the potential of data with the right data warehouse solutionUnlock the potential of data with the right data warehouse solution
Provided by: IBM
read more
IBM Multiform Master Data Management: The evolution of MDM applicationsIBM Multiform Master Data Management: The evolution of MDM applications
Provided by: IBM
read more
Closing the data privacy gap: Protecting sensitive data in non-production environmentsClosing the data privacy gap: Protecting sensitive data in non-production environments
Provided by: IBM
read more
Yuk it Up
Act to Amend the Copyright Act
Want a copyright law that protects spyware and virus writers? If not, sign our petition to amend Bill C-61
Featured IT Quiz
IT Quiz: Test yourself to see if you have the knowledge to fit into the open source world, and compare yourself with the rest of the respondents
Featured White Papers
This white paper details Intel's current and future energy-saving initiatives to reduce costs and support business goals. Learn how Intel IT is extending its efforts to be a role model enterprise IT organization by supporting the Climate Savers Computing Initiative, which aims to drive a 50 percent reduction in computer-related CO2 emissions worldwide. No registration required.
Sign-Up for
Leadership
eNewsletter Delivered Weekly
Click here
Page 1 of 2

Canadian IT execs face 'J-SOX' compliance rules

By: Kathleen Lau - ComputerWorld Canada  (31 Jul 2007)

The Japanese version of the Sarbanes-Oxley Act to be enacted next April will provide previously lacking guidance for IT departments around ensuring internal controls meet compliance requirements, according to Canadian analysts.

Nicknamed J-SOX, Japan's Financial Instruments and Exchange Law will apply to publicly traded companies on the Japanese stock market and Canadian subsidiaries of Japanese parent companies, requiring them to implement internal financial reporting controls. The regulation is expected to affect 3,800 companies.

The differentiator between J-SOX and other versions of Sarbanes-Oxley is that Japanese oversight boards have developed their own internal control framework, said Ross Armstrong, senior research analyst with London, Ont.-based Info-Tech Research Group. "The point of any control framework is to assist IT departments in building and maintaining secure internal controls, which is a fundamental requirement of whatever flavour of SOX you wish to look at."

Although the COSO framework is widely used under the Canadian and U.S. versions of Sarbanes-Oxley, it's not mandated, said Armstrong. With J-SOX, on the other hand, the makers of the framework are openly advocating it.

The move shows the Japanese have recognized the confusion that arose in the U.S. due to lack of direction around compliance, said Armstrong. "This is good because it at least provides IT departments and CIOs with a bit more guidance around what kind of IT controls and application controls they should be looking at, how they should be evaluating them, and what constitutes a control deficiency which is what auditors are looking for."

The Japanese oversight boards have learned from the U.S. approach to compliance that if something is left "open", it becomes harder to handle, said Nigel Wallis, research manager for applications services with Toronto, Ont.-based analyst firm IDC Canada. "Now it's pretty clear in J-SOX versus the U.S. and Canadian equivalent exactly what the framework is, the formula, and the formatting of how you would respond in the IT element."

Eliminating confusion aside, said Armstrong, developing and advocating such a framework helps to reign in costs and keep the scope limited.

But apart from that difference, IT departments shouldn't expect a huge change, especially if they are already subject to other versions of Sarbanes-Oxley, said Armstrong. "From an IT perspective, there's virtually no difference between J-SOX, C-SOX and the U.S. flavour of Sarbanes-Oxley."

However, for those who have never had to comply with Sarbanes-Oxley, J-SOX will place an increased workload on IT departments, specifically around having to look at their internal processes and controls "in a way they never had to do before, and deal with external auditors, and factor in the time and cost of doing that."

In addition, compliance needs to be budgeted for in both business and IT budgets.

Page 1 of 2
Send to a Friend  Rate This Page  Print This PageAdd a new comment
Bookmark this article on:
del.icio.us| Digg it| Furl| Google| Technorati| StumbleIt| Yahoo!

Have something to say about this article? Add a new comment

If you find a comment inappropriate, You can notify the moderator by clicking the Report an innapropriate comment icon.
noneReply to this commentReport an innapropriate comment
It is hard for me to take anything this blog has to say about compliance, security or risk seriously. "Do as I say Not as I do" does not hold water anymore. Cleanup your board and practice what you preach!
Written by: Confused, from
ADD A COMMENT
Name:*Your email address will not appear online and will be used only in the event that the editor wishes to contact you personally for additional comment.
City:
Email:
Title:*
Comment:*
* required fields



Related Content
Articles

Book Reviews

Special Advertising Partners
IDC Case Study: Identity And Access Management Buying Criteria.
IDC analyses IAM buying criteria and deployment at Coppin State University. Coppin State replaces "first generation" IAM solution to obtain benefits needed for today's agile enterprise: ease of integration, rapid deployment, simplified compliance, flexibility.
White Papers
Closing the data privacy gap: Protecting sensitive data in non-production environments
How can IT organizations protect sensitive data, including employee and customer information, as well as corporate confidential data and intellectual property? Industry analysts recommend "de-identifying" or masking data as a best practice for protecting privacy. This white paper explains the importance of closing the data privacy gap in non-production environments, and provides guidance on effective data masking. Complimentary with registration. Sponsored by IBM.
Unlock the potential of data with the right data warehouse solution
Once you've made the decision to implement a new data warehouse, you want to make sure you choose the one that's right for your organization. This buyer's guide provides checklists for starting points that you can use when evaluating vendors and their products. Complimentary with registration. Sponsored by IBM.
Prepare for a more efficient SAP implementation: Take data issues off the critical path
This white paper outlines how the Preliminary Data Assessment Appliance (PDAA) from IBM can help address the challenges of integrating data from different operational applications across the enterprise to an SAP platform. Complimentary with registration. Sponsored by IBM.
Copyright InformationPrivacy Policy Site MapAbout UsMedia CentreReprint ServicesMobileFeedbackContact Us
PC World CanadaIntergovworld.comIT Vendors DirectoryBio-IT WorldCIO TitlesCMOComputerWorld TitlesCSO
GlossaryDarwinGameProInfoworldGames.netITJobUniverseJavaWorldMacCentral
MacWorldNetwork World TitlesPCWorldPlaylistIDG WorldWide Network
©2008 ITworldcanada.com All rights reserved.