Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
Portfolio Management Maturity Model at Chevron - Presentation & Discussion
November 13, 11:30 AM - 12:30 PM ET (GMT-4)
The fundamental goal of the model is to help IT become a business partner and earn a seat at the table. Core to the model is to establish a five year IT strategic road map that is owned by the business. Presenter Janinne Franke is manager of strategy, planning & optimization at Chevron's corporate department & services. She will share processes and lessons learned from developing and implementing the model.
Learn more about the CIO Executive Council »
Apply today for a FREE subscription to CIO Magazine!
Why, Five Years After Sarbanes-Oxley Became Law, IT Executives Are Better Off
The law's requirements for financial auditing and regulatory compliance have made IT systems more visible to top executives and integral to core business processes.
August 03, 2007 — CIO —
Paul Sarbanes and Michael Oxley have left Congress, but they’re never far from the thoughts of CIOs responsible for making their companies’ financial systems produce accurate data. Everyone’s favorite kvetch is the high cost to comply with the Sarbanes-Oxley Act of 2002, but now chief information officers are, in some ways, better off.
For the past five years, CIOs have dealt with being micromanaged by colleagues outside of IT and suspected a conspiracy by CFOs to undermine them. They’ve been inundated by vendors with fabulous claims of compliance-in-a-box and have listened to former Federal Reserve chairman Alan Greenspan decry Sarbanes-Oxley as a “nightmare” that should be rewritten.
But looking back, the rules that Sarbanes, a former Senate Democrat from Maryland, and Oxley, a former Republican representative from Ohio, wrote to make U.S. companies more accountable for their financial data also have lifted the career trajectories of some CIOs, says Lee Dittmar, a principal at Deloitte Consulting who oversees enterprise governance.
Yes, Dittmar says, Sarbanes-Oxley burdened technology departments by forcing, for example, more detailed reporting about how software projects affect a company’s financial data. IT also has to work side by side with internal and external auditors, as well as with the finance group, to identify how their companies handle accounting data electronically and manually, then tighten those processes to prevent fraud. “It has been painful,” he says. For many companies, documenting, testing and maintaining financial controls to the extent required by the legislation was a major change from past practice, he says.
But because technology enables the production of nearly all of the financial information under scrutiny, he says, now senior executives see that “what happens in IT is strategic.”
As companies have struggled to understand and then follow Sarbanes-Oxley, CIOs have had the chance to talk with senior executives specifically about how IT affects the business, says Patty Azzarello, a CIO careers consultant in Palo Alto, Calif. “This conversation in many cases opened the door for CIOs to get more airtime in budget and planning discussions, which is vital if they want to have an impact on corporate strategy.”
The cost of complying with Sarbanes-Oxley depends on how complex your company is—multiple lines of business? global offices?—and how badly financial data was monitored historically. But generally, the amount of money spent per year on adhering to the regulations has been declining, according to a recent survey from Financial Executives International (FEI), a professional association in Florham Park, N.J.
Stop mobility from jeopardizing PCI compliance with these best practices.
The PCI Data Security Standard
ITCi White Paper: Challenges and Opportunities of PCI
Proving Control of the Infrastructure
BlackBerry in the Regulatory Spotlight - A White Paper by Day Pitney LLP
Oxford International Modernizes Vehicle Order Management System for Leading European Automaker, an IBM Case Study
Find out what Forrester says about mobile endpoint security and its management.
Zen Master Series - The Transformation of Application Development with Ascendant Technology
IT Risk Management: Preparing for the Perfect Storm
The New "Black Art." Learn why few companies do DNS well. Why fewer can scale it.
Advanced DNS and Traffic Management Solutions: The Keys to Enhancing and Securing your Enterprise Network
The Power of Telepresence
Resource Alerts
Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.
Porn Filters on in-Flight Wi-Fi May Be Just the Start
Apple iPhone Takes Top U.S Smartphone Slot
SAP Warns on Q3 Earnings, Cites Economy
Yar'Adua Tasks ICT Ministers with Lessening Digital Divide
Uganda Cyber Laws Going to Parliament
Militants Send Terror Messages in India By 'wardriving'
Mauritians Turn to the Internet to Pay Taxes
Soulco Takes Over Siemens Enterprise in East Africa
Techies Showcase Projects At Innovation Meetup
T-Mobile Lost Control of Data on 17 Million Customers
Just the basics, please. Sometimes we all need a refresher or we need to make sure our team and our colleagues are all on the same page.
Over 25 tutorials on everything from business intelligence to virtualization.
