IT Auditing and Sarbanes-Oxley Compliance: Key Strategies for Business Improvement

Dimitris N. Chorafas

October 29, 2008 by Auerbach Publications
Reference - 305 Pages - 36 B/W Illustrations
ISBN 9781420086171 - CAT# AU6170


Add to Wish List
FREE Standard Shipping!


  • Provides practical advice on conducting IT audits at the senior management level
  • Emphasizes internal controls and auditing’s contribution to good governance
  • Examines the responsibilities of the board of directors
  • Presents case studies drawn from the author’s experience


Information technology auditing and Sarbanes-Oxley compliance have several overlapping characteristics. They both require ethical accounting practices, focused auditing activities, a functioning system of internal control, and a close watch by the board’s audit committee and CEO. Written as a contribution to the accounting and auditing professions as well as to IT practitioners, IT Auditing and Sarbanes-Oxley Compliance: Key Strategies for Business Improvement links these two key business strategies and explains how to perform IT auditing in a comprehensive and strategic manner.

Based on 46 years of experience as a consultant to the boards of major corporations in manufacturing and banking, the author addresses objectives, practices, and business opportunities expected from auditing information systems. Topics discussed include the concept of internal control, auditing functions, internal and external auditors, and the responsibilities of the board of directors.

The book uses several case studies to illustrate and clarify the material. Its chapters analyze the underlying reasons for failures in IT projects and how they can be avoided, examine critical technical questions concerning information technology, discuss problems related to system reliability and response time, and explore issues of compliance.

The book concludes by presenting readers with a "what if" scenario. If Sarbannes-Oxley legislation had passed the U.S. Congress in the late 1990s or even 2000, how might this have influenced the financial statements of Enron and Worldcom? We can never truly know the answer, but if companies make use of the procedures in this book, debacles such as these – and those which led to the 2007-2008 credit and banking crisis – will remain a distant memory.