1. What section of the SOX compliance law requires proper controls, and hence security controls, to ensure the confidentiality and integrity of financial information and recordkeeping within an IT infrastructure? Explain the information contained in this section.
a. Sections 302 and 404 of the SOX compliance law cover the internal security controls to ensure the confidentiality and integrity of financial information and recordkeeping within an IT infrastructure. Section 302 requires the CEO and CFO to certify the truthfulness and accuracy of financial reports, while Section 404 requires the company to provide proof (Weiss & Solomon, 2011).
2. Who is Richard Scrushy and why is he ...
A large accelerated filer is an Exchange Act reporting company with a worldwide market value of outstanding voting and non-voting common equity held by non-affiliates of $700 million or more (Securities and Exchange Commission). These large accelerated filers have a 75-day deadline for their 10-K forms (annually) and a 40-day deadline for their 10-Q forms (quarterly).
6. Where would someone go in order to find the quarterly and annual reports for a publicly traded company?
a. You would get the reports from the Securities and Exchange Commission.
7. Go into the Edgar Database and find the most recent 10K or 10Q for Microsoft, Nike, and Cisco. Who signed off on the 10K for each of those companies?
a. Donald Blair and Frank Brod signed off on the companies stated.
8. What are some of the criminal penalties for falsifying documents or covering up information related to financial matters and SOX?
a. One criminal penalty for falsifying documents is 1-20 years of imprisonment.
9. What is the Japanese version of SOX, and what agency oversees its implementation?
a. J-SOX is the Japanese version of SOX, overseen by the Japanese financial service agency
10. Of what was Dennis Kozlowski convicted, and how is it related to SOX?
a. Dennis Kozlowski was convicted of grand larceny; the loans involved were outlawed by SOX.
11. What is the link between SOX compliance law and information systems security?
a. The link between SOX compliance law and information systems security is Section 404. Section 404 of the Sarbanes-Oxley Act mandates that all publicly-traded organizations demonstrate due diligence in the disclosure of financial information. They must also implement internal controls and procedures to communicate, store and protect that data. They must protect these controls from...