Sarbanes-Oxley and U.S. Patriot Acts

The Sarbanes-Oxley and U.S. Patriot Acts

Protecting investors by improving accuracy and reliability of corporate disclosures made pursuant to the securities laws is why the Sarbanes-Oxley Act (SOX) was created. New standards for corporate accountability as well as penalties for acts of wrongdoing were also a provision of the act. The interaction between corporate boards and executives and the corporate auditors also changed under the act to comply with the new standards set in place. Under the (SOX), CEOs and CFOs can now face the potential for criminal fraud liability if the companies are not in compliance of the act's provisions. The purpose of the U.S. Patriot Act (USAPA) is to deter and punish terrorist's acts in the U.S. as well as around the world enhancing law enforcement investigates tools and other purpose. Some of those purposes includes strengthen U.S. measures preventing, detecting, and prosecuting international money laundering and financing terrorism; the reporting by all financial services of potential money laundering; and the prevention of using the U.S. financial system for personal gain by corrupt foreign officials along with repatriation of stolen assets to the citizens of countries who those assets belong to.

There are two sections that specify how the SOX affect information security for the country. In section 302, this act clearly states that the Chief Executive Officer (CEO) and Chief Financial Officer (CFO) are personally held accountable for the company's financial reports and that those reports are accurate and complete. The effectiveness of internal controls around financial reporting must also be assessed by those persons standing in this position. The provisions of section 404 of the SOX states that a corporation must assess the effectiveness of its internal control and annually report those assessments to the Securities and Exchange Commission (SEC). A reputable outstanding auditing firm must review and judge the annual assessment. In order for the corporation to meet the compliance of this provision a large amount of resources is needed since a comprehensive review of the internal controls to the financial reporting is an overwhelming task.

The affects of information security and the (USAPA) shows that information technology has "changed the way business is transacted, government operates, and national defense is conducted." (Robinson, 2003) The USAPA makes continuous efforts to secure information systems for critical infrastructure and the information technology. Enhancing federal government's surveillance capabilities with changes in the relationship

...