Login, change your address, subscribe to new or manage current magazines or e-newsletter subscriptions
IT World Events
Site Map - Affiliates
Computerworld Publication PageNetworkWorld Publication PageCIO Canada Publication PageITJobUniverse.ca - The Information, Communication and Technology (ICT) Job Board
Enter your  QUICKLINK number to go directly to that article.
Advanced Search
Knowledge Centres
Content Types
Featured White Papers
Gartner Research Note "Boost SharePoint Performance with an Application Delivery Network"Gartner Research Note "Boost SharePoint Performance with an Application Delivery Network"
Provided by: Citrix
read more
From fear to value: CIO strategies for propelling business through the economic crisisFrom fear to value: CIO strategies for propelling business through the economic crisis
Provided by: IBM
read more
Reaping the rewards of your service-oriented architecture infrastructureReaping the rewards of your service-oriented architecture infrastructure
Provided by: IBM
read more
Yuk it Up
Featured White Papers
Download the Network Barometer Report, which aggregates findings from secure network infrastructure assessments conducted for more than 150 organisations around the world. It provides some surprising stats on the state of network (un)readiness prevalent today; the reasons why organisations are failing at remediating known vulnerabilities; recommendations on assessing your own infrastructure, and on ways to improve your state of readiness to support the business; and more.
Early-generation server load-balancing technology has proven to be an invaluable asset, especially for organizations hosting widely utilized Web applications. But business requirements evolve, as do the processes and technologies used to fulfill them. The many changes and trends that have taken hold since SLBs were first introduced expose the need for enterprises to step up from a simple load-balancing solution to a more comprehensive application delivery solution . This paper is intended to serve as a guide for organizations looking to replace their early-generation SLBs, providing details on the top eight criteria to use during an evaluation process.
Featured Spotlight
Keep up on who's hiring, who's downsizing and how the government is helping. News, job opportunities, recruiters and employment lawyers are all available.
Sign-Up for
Leadership
eNewsletter Delivered Weekly
Click here
Page 1 of 2

Digg it Twitter

Canadian IT execs face 'J-SOX' compliance rules

By: Kathleen Lau - ComputerWorld Canada  (31 Jul 2007)

The Japanese version of the Sarbanes-Oxley Act to be enacted next April will provide previously lacking guidance for IT departments around ensuring internal controls meet compliance requirements, according to Canadian analysts.

Nicknamed J-SOX, Japan's Financial Instruments and Exchange Law will apply to publicly traded companies on the Japanese stock market and Canadian subsidiaries of Japanese parent companies, requiring them to implement internal financial reporting controls. The regulation is expected to affect 3,800 companies.

The differentiator between J-SOX and other versions of Sarbanes-Oxley is that Japanese oversight boards have developed their own internal control framework, said Ross Armstrong, senior research analyst with London, Ont.-based Info-Tech Research Group. "The point of any control framework is to assist IT departments in building and maintaining secure internal controls, which is a fundamental requirement of whatever flavour of SOX you wish to look at."

Although the COSO framework is widely used under the Canadian and U.S. versions of Sarbanes-Oxley, it's not mandated, said Armstrong. With J-SOX, on the other hand, the makers of the framework are openly advocating it.

The move shows the Japanese have recognized the confusion that arose in the U.S. due to lack of direction around compliance, said Armstrong. "This is good because it at least provides IT departments and CIOs with a bit more guidance around what kind of IT controls and application controls they should be looking at, how they should be evaluating them, and what constitutes a control deficiency which is what auditors are looking for."

The Japanese oversight boards have learned from the U.S. approach to compliance that if something is left "open", it becomes harder to handle, said Nigel Wallis, research manager for applications services with Toronto, Ont.-based analyst firm IDC Canada. "Now it's pretty clear in J-SOX versus the U.S. and Canadian equivalent exactly what the framework is, the formula, and the formatting of how you would respond in the IT element."

Eliminating confusion aside, said Armstrong, developing and advocating such a framework helps to reign in costs and keep the scope limited.

But apart from that difference, IT departments shouldn't expect a huge change, especially if they are already subject to other versions of Sarbanes-Oxley, said Armstrong. "From an IT perspective, there's virtually no difference between J-SOX, C-SOX and the U.S. flavour of Sarbanes-Oxley."

However, for those who have never had to comply with Sarbanes-Oxley, J-SOX will place an increased workload on IT departments, specifically around having to look at their internal processes and controls "in a way they never had to do before, and deal with external auditors, and factor in the time and cost of doing that."

In addition, compliance needs to be budgeted for in both business and IT budgets.

Page 1 of 2
Send to a Friend  Rate This Page  Print This PageAdd a new comment
Bookmark this article on:
del.icio.us| Digg it| Furl| Google| Technorati| StumbleIt| Yahoo!

Have something to say about this article? Add a new comment

If you find a comment inappropriate, You can notify the moderator by clicking the Report an innapropriate comment icon.
noneReply to this commentReport an innapropriate comment
It is hard for me to take anything this blog has to say about compliance, security or risk seriously. "Do as I say Not as I do" does not hold water anymore. Cleanup your board and practice what you preach!
Written by: Confused, from
ADD A COMMENT
Name:*Your email address will not appear online and will be used only in the event that the editor wishes to contact you personally for additional comment.
City:
Email:
Title:*
Comment:*
* required fields



Related Content
Articles

Book Reviews

-- VIDEO: IBM, CiRBA push server consolidation virtualization (scroll down for article) --
White Papers
Improving business through smart energy and environment policy
Businesses and public entities today face increasing pressure to develop policies that are both good for the planet and good for business. A framework developed by IBM offers businesses and other organizations a comprehensive approach to energy and environmental issues. The framework helps identify and prioritize environmental efforts by breaking down problems and opportunities into seven distinct business areas, which can then be segmented into manageable projects.
Copyright InformationPrivacy Policy Site MapAbout UsMedia CentreReprint ServicesMobileFeedbackContact Us
ComputerWorld Canada | NetworkWorld Canada | CIO Canada | IT Business | CDN | Direction Informatique | PCWorld Canada | Macworld Canada | IT Job Universe | my IT Vendor
©2009 ITworldcanada.com All rights reserved.