| By the end of 2001 in the wake of the Enron case,and a series of financial scandals,the United States has exposed serious flaws in the system of verification,and the verification system was originally designed to protect public company shareholders,pension beneficiaries and the interests of employees and to protect the American public on the capital market stability and fair confidence.However,a series of events is severely shaken public confidence in the accounting industry.Against the above company failures,Congress in 2002 enacted the "Sarbanes - Oxley Act"(the Sarbanes-Oxley Act,or SOX Act),the bill for the public's external auditors creation of a broad,new oversight system, and the financial report internal control is the specific content of concern. Congress requires not only the management report on the company's internal financial reporting controls,but also requires external auditors report confirmed the accuracy of management.It can be said that the incident once again to the internal control become a focus of attention.SOX Act applies not only to the United States in the market for all publicly traded companies,but also applies to the American Stock Exchange registered non-American companies.In other words,all listed companies in the United States should be bound by this bill.So for those already listed in the United States or in US-listed companies to study how the SOX Act is a very important element of the work.Otherwise it might result in businesses or principal officers be punished,or even companies were delisted.Along with the development of Information Technology and the enhancement of dependent for people's work life in information and network system,increasing of security threats and security event continually occur, attention to security problem of social sectors,construction emphasis on information and network system has transferred to the construction of security problem.Almost no net can protected against perplex of security objectively. According to the result which FinancialTimes has statistics,there are a network intrusion every 20 seconds and security is the essential for network development. Especially in field of information security industry,intrinsic sensitivity and particularity affects on national security interests and economic interests directly. Therefore,the situation in process of network and infotmation can not be reversed,how to decrease or avoid economic loss which caused by information leakage and destruction maximally is a great strategic significance subject that very properly solved and we confront today.Therefore,this paper attempts to start from the internal control on the SOX Act have the background and origin,and the main content of SOX bill was introduced,while the SOX Act theoretical framework COSO and major theoretical or COBIT standard,ISO27001,a brief description.SOX Act to be consistent with the theoretical guidance.At the same time,starting from practical, make an analysis of enterprise information defects on audit in the SOX Act of CMNM,and give the methods of solving the main defect.Expecting to find the guidance in how to guide enterprises make greatest satisfaction of SOX Act request in the building of enterprise information construction and management for company.This paper focus on the enterprise information system which according with SOX Act requirement,and make description in aspects of theory,defects, control,Defect Mending and management control. |
PDF Full Text Request