Controlli interni e requisiti del Sarbanes-Oxley Act

The Sarbanes-Oxley Act (SOX), approved in 2002 by the U.S. Congress after the well known Enron and Worldcom scandals, is focused on the necessity to give back credibility to American financial system. It requires SEC listed companies to document, evaluate and monitor on control of financial reports and on controls of the declarations and procedures especially IT controls.

In this context executives are considered responsible in defining and evaluating the effectiveness of internal controls related to financial report. The control objectives relevant for SOX purposes are a specific subset of the COBIT control objectives. In this subset 12 processes are identified in accordance with PCAOB principles and they are subdivided into 68 audit activity controls.

All organizations should use SOX as a stimulus to improve their operational and internal controls.