When CIOs began installing ERP systems in the ’80s and ’90s, they unwittingly took something that used to belong to CFOs: financial controls. The things that accountants used to monitor manually—such as making sure that two signatures from the right people went on every check, or reconciling purchase orders against invoices—all became automated inside ERP systems. The meticulous audit trail that controllers and accountants had established over generations for demonstrating that money was being handled properly (think of black, leather-bound ledgers and long ribbons of adding machine paper) disappeared into those ERP systems without a trace—or at least without being properly documented, and certainly not to the extent now required by the 2002 Sarbanes-Oxley Act, a.k.a. Sarbox.

Today, CFOs want those controls back. If they don’t get them, they believe they could go to jail. Section 404 of the Sarbanes-Oxley Act mandates that CFOs have to do more than simply pledge that the company’s finances are correct; they have to vouch for the processes used to add up the numbers. (See "What Section 404 Says," Page 60.)

Sane people don’t want to go to prison. They can even get a little frantic about it.

That’s why CIOs perhaps can forgive their CFOs for getting aggressive when it comes to taking control of Sarbanes-Oxley compliance efforts. What CIOs shouldn’t forgive, or take lying down, are their CFOs’ attempts to freeze them out of the process.

A recent survey by research company Hackett Group found that just 12 of 22 companies surveyed had IT representation on their Sarbox steering committees. Among 75 public companies that Gartner surveyed last fall, just 63 percent said IT was involved.

Partly, this may be because many companies have been slow in getting their Sarbanes-Oxley efforts up and running. Only 65 percent of Gartner’s respondents even had a Sarbox steering committee. Twenty-eight percent had no plans to form one.

But some CIOs see a darker agenda at work—a conspiracy. They fear Sarbox has become a stalking-horse that CFOs are using to assert control over IT and displace the CIO as the company’s business process expert. Egging CFOs on, this theory goes, are the Big Four accounting firms, desperate to reassert themselves after the Enron debacle (which turned the Big Five into the Big Four after Arthur Andersen bit the dust) and needing consulting revenue to replace what they lost when most split off their consulting divisions. (See "The Revenge of the Bean Counters," Page 64.)