Computer System Compliance Under Sarbanes-Oxley

computer compliance under sarbanes-oxleyIf you are buying, designing, or implementing a computer software system that will deal with financial information for a publicly traded company, it is essential that you are aware of, and strictly comply with, the Sarbanes -Oxley Act of 2002. Sarbanes-Oxley is a federal law that requires publicly traded companies to keep readily accessible copies of every financial or accounting document available.

How Sarbanes-Oxley Affects Computers Software Implementation

The Sarbanes-Oxley Act of 2002 covers computer software systems in which financial and accounting information are stored. A major provision of Sarbanes-Oxley is that companies may not dispose of, or alter, financial information. This means that a computer software system will now have to preserve financial documentation and information.

It also means that the software system must be able to quickly access copies of any financial or accounting document stored in the computer system. In practical terms, this means that any financial document on the computer will have to be available in a PDF or other easy to use format that can be quickly printed or e-mailed.

The reason that documents must be able to be quickly produced is because the punishment for not complying with Sarbanes-Oxley are quite strict.  Undeed, corporate executives who cannot produce financial information can go to jail! Therefore, companies will be looking to IT professionals to be able to implement programs allowing them to strictly, and quickly, comply with this act.

Computer System Compliance Under Sarbanes-OxleyWho is Covered by Sarbanes-Oxley?

Any publicly traded company, as well as any company that has to file documents or reports with the Securities and Exchange Commission (SEC), is required to comply with Sarbanes-Oxley. This means that any software consultant working with such companies must be aware of the act, and must make sure their company strictly complies with it.

Software technology contractors, subcontractors and other companies that do business with companies covered by Sarbanes-Oxley will have to comply with the law. So will any company that can potentially be bought by a publicy traded company, or merge with a publicly traded company.

Sarbanes-Oxley Compliance in Computer Software Systems

This means it is a good idea for all software consultants in large or mid-sized companies to be compliant with Sarbanes-Oxley. Fortunately, the standards of compliance under Sarbanes-Oxley may not be as rigorous as some might think.

The first major requirement of Sarbanes-Oxley is that a computer system must have a secure, offsite backup for financial documents. This is usually a mainframe or server that contains copies of financial information that can be accessed in an emergency; for example, if corporate headquarters burns down.

The second requirement is that financial documents must be easily accessible in the computer system. This means that there should be no problems or delays when someone requests a financial document such as an invoice, spreadsheet or bank statement.

In sum, the penalties for not complying with the Sarbanes-Oxley Act can be quite severe.  However, companies that comply with these simple provisions should have no problem staying in line with Sarbanes-Oxley.

About The Author:

Richard Sofen is an established SAP Consultant. If you are implementing a computer software for a publicly traded firm, Richard highly recommends you learn more about Sarbanes-Oxley and assure your company is in strict compliance.

Author: Guest Blogger welcome authors and bloggers. If you would like to submit an article please contact Damian at

One thought on “Computer System Compliance Under Sarbanes-Oxley”

Comments are closed.