Sarbanes-Oxley - How is it Affecting You?

Grant Barrett asks: "All I hear from IT directors is Sarbanes-Oxley, Sarbanes-Oxley, Sarbanes-Oxley. SOX, as they're calling it, is taxing manpower, swallowing time, and adding huge administrative headaches--not to mention incurring fees and salaries paid out to staff or third-party firms hired to ensure compliance--and that's just the IT department. How are you dealing? Did you make your compliance deadline even after the extension? Are you joining the the backlash?"

SOX Sucks

I'm posting this anonymously as I wouldn't want it traced back to me, but I can tell you not only is it costly and burdensome, but it doesn't work. We are now in "compliance", but the changes we had to make to our systems not only didn't have any affect on my ability to alter financial data, but they made them less secure in the process, because external auditors know nothing about our systems, they only have a checklist of features that have to be enabled. It's nothing more than a costly joke that wastes my time and keeps me from doing work that would actually improve our systems. I've started avoiding small, quick projects that would benefit the users, because I would spend 5 minutes making the changes and then 2 hours spread over several days documenting them and getting the required approvals to implement them.