[ISN] Sarbanes-Oxley kicks in

From: InfoSec News (isn@private)
Date: Tue Nov 16 2004 - 05:36:47 PST


http://news.com.com/Sarbanes-Oxley+kicks+in/2100-7355_3-5453279.html

By Dawn Kawamoto 
Staff Writer, CNET News.com
November 15, 2004

A section of the Sarbanes-Oxley Act took effect Monday, part of new
accounting regulations that promise to be a multimillion-dollar
bonanza for security companies.

Under Section 404 of the law, publicly traded companies must have
policies and controls in place to secure, document and process
material information dealing with their financial results. Vendors
helping companies with compliance are expect to reap $5.8 billion next
year, with 28 percent going to technology companies, according to an
AMR Research survey released Friday.

"Technology will play an increasingly significant role in the
integration of SOX (Sarbanes-Oxley) compliance initiatives into the
business process," John Hagerty, vice president of research at AMR,
said in a statement.

This year, companies and organizations are expected to spend $1.13
billion on technology to comply with Sarbanes-Oxley. That is expected
to increase to $1.62 billion next year, according to the study.

Providers of technology for internal and external security are
expected to capture a good slice of this business. Other sectors set
to benefit include document and record management; business process
management to integrate disparate business systems; applications
compliance management software; and application suites to standardize
the business processes for financial transparency.

Technology vendors have changed their marketing pitch as the
regulations have taken hold, industry analysts have noted. Congress
passed the Sarbanes-Oxley Act in 2002, aiming to counter financial
scandals such as those at Enron or WorldCom, by imposing more
transparency in accounting procedures.

"A year ago, the vendors had ineffective messaging. They said their
products were compliant and put a patina of compliance on everything
they wrote to market them," said Paul Proctor, vice president of
security and risk strategies at Meta Group. "Now vendors say their
products address compliance."



_________________________________________
Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/



This archive was generated by hypermail 2.1.3 : Tue Nov 16 2004 - 09:43:20 PST