Abstract
Having weathered the storm of legislation, such as the Sarbanes–Oxley Act of 2002, that broke in the wake of corporate wrongdoing, enterprises are beginning to rebound and get back to new (or maybe it is back to the old) “business as usual.” As they redirect their focus from compliance as a necessary evil to compliance as a competitive advantage, and capitalize on the recovering economy, companies are also turning a spotlight on governance and controls over information technology.