References
- Beer , M. and Nohria , N. May-June 2000 . “ Cracking the code of change ” . In Harvard Business Review , May-June , HBR OnPoint .
- Chan , S. 2004 . Sarbanes-Oxley: The IT dimension . The Internal Auditor , 61 ( 1 ) : 31 – 33 .
- CERT(r) Coordination Center. 2005 . 2004 E-Crime Watch Survey shows significant increase in electronic crimes , Available at http://www.cert.org/about/ecrime.html
- CIO Insight/Gartner. 2004 . EXP Research: Sarbanes-Oxley 2004: Are you ready to comply , May Available at http://www.cioinsight.com
- Cobb , C. G. 2004 . Sarbanes-Oxley: Pain or gain . Quality Progress , 37 ( 11 ) November : 48 – 52 .
- Committee of Sponsoring Organizations. 2005 . FAQs for COSO's Enterprise Risk Management-Integrated Framework , Available at http://www.coso.org/Publications/ERM/erm_faq.htm
- Computer Crime Research Center. 2005 . 2004 CSI/FBI Computer Crime and Security Survey , Available at http://www.crime-research.org/news/11.06.2004/423/
- Corporate Executive Board. 2003a . Securing extended enterprise partners , Motorola, Inc., Working Council Research . Available at http://www.cio.executiveboard.com/ Corporate Executive Board. 2003b). Trends in information security and business continuity planning from infrastructure protection to business enablement. Available at http://www.cio.executiveboard.com/
- Damianides , M. 2005 . Sarbanes-Oxley and IT governance: New guidance and IT control and compliance . Information Systems Management , Winter
- Decker , S. and Lepeak , S. 2003 . Connecting to ERP for SOX 404 Assessments , Available at the META Group Web site: http://www.metagroup.com
- Dittmar , L. 2004 . What will you do in Sarbanes-Oxley's second year . Financial Executive , 20 ( 8 ) November : 17 – 18 .
- Heffes , E. 2005 . FEI CEO's 2005 top 10 financial reporting issues . Financial Executive , 21 ( 1 ) January-February Available at http://www.fei.org
- Information Systems Audit and Control Association. 2005 . About ISACA , Available at http://www.isaca.org
- IT Governance Institute . 2005a . Board briefing on IT governance , Available at http://www.itgi.org/
- IT Governance Institute . 2005b . Governance of the extended enterprise, bridging business and IT strategies , Hoboken, NJ : John Wiley & Sons .
- Kaarst-Brown , M. and Kelly , S. 2005 . “ IT governance and Sar-banes-Oxley: The latest sales pitch or real challenges for the IT function ” . In Proceedings of the 38th Hawaii International Conference on System Sciences - 2005 , IEEE .
- Kola , V. 2004 . Sarbanes-Oxley Section 404: From practice to best practice . Financial Executive , January-February : 20
- Leskeia , L. and Logan , D. 2003 . Sarbanes-Oxley compliance demands IS involvement , Available at the Gartner, Inc. . Web site: http://www.gartner.com/
- Louwers , T. , Ramsey , R. , Sinason , D. and Strawser , J. 2005 . Auditing and assurance services , New York : McGraw-Irwin .
- Luftman , J. , Bullen , C. , Liao , D. , Nash , E. and Neumann , C. 2004 . Managing the information technology resource , Upper Saddle River, NJ : Pearson Prentice Hall .
- Microsoft Executive Circle. 2004 . Motorola case study , Available at the Microsoft Corporation Web site: http://www.microsoft.com
- Mead , N. R. and McGraw , G. 2004 . “ Regulation and information security: Can Y2K lessons help us ” . In IEEE Security and Privacy , IEEE .
- Meyer , D. 2005 . Beneath the buzz: ITIL is a powerful tool, but holds pitfalls in store for those who get obsessed with it , Available at the CIO.com Web site: http://www.cio.com/leadership/buzz/column.html?ID=4186
- National Cyber Security Partnership . 2005 . Governance , Available at http://www.cyberpartnership.org/init-governance.html
- Proctor , P. 2004 . “ Sarbanes-Oxley security and risk controls: When is enough enough ” . In Infusion , Security & Risk Strategies . Available at the META Group Web site: http://www.metagroup.com
- Public Company Accounting Oversight Board . 2005 . PCAOB center for enforcement tips, complaints and other information , Available at http://www.pcaobus.org/Enforcement/Tips/index.asp
- Ramos , M. 2004 . How to comply with Sarbanes-Oxley Section 404 , Hoboken, NJ : John Wiley & Sons .
- Reich , B. H. and Nelson , K. 2003 . AIn their own words: CIO visions about the future of in-house IT organizations . The Database for Advances in Information Systems , 34 ( 4 )
- Sarbanes-Oxley Act of 2002, Public Law 107–204 . 2002 . Available at http://www.pcaobus.org
- Stolovitch , D. A. 2004 . Canadian ISO 17799 User Conference . Sun Life's experience with security governance and ISO 17799 , 30 January Available at http://www.scienton.com/7799ug/Papers.html
- Symons , C. 2005 . IT governance framework, structure, processes, and communication , 29 March Available at the Forrester Research Web site: http://www.forrester.com/
- Weill , P. and Ross , J. 2004 . IT governance: How top performers manage IT decision rights for superior results , Boston : Harvard Business School Press .
- 2001 . Available at the Risk Associates Web site: http://www.securityauditor.net/ISO17799/what.htm, What is: ISO 17799?
- Zorz , M. 2003 . Interview with Christopher Alberts, a senior member of the technical staff in the Networked Systems Survivability Program at the Software Engineering Institute , 12 March Available at http://www.net-security.org