Compliance Auditing in Regulatory Environments
A series of high visibility examples of corporate fraud motivated the federal government to step in and create laws to hold corporations more accountable to the public and to their shareholders.
Two of the more well-known examples are Gramm-Leach-Bliley (GLB Act) passed in 1999 and Sarbanes-Oxley Act (SOX) passed in 2002.
Both of these laws have information security and privacy components that impact financial management and creation of financial statements within certain organizations.
The CFO of a large investment company that is publically traded on the American Stock Exchange is preparing for a significant external audit as part of preparing the organization for creation of the annual financial statements and report to shareholders. He hires you establish what obligations they have under the GLB and SOX laws that relate to creation of those financial statements.
Use the study materials and engage in any additional research needed to fill in knowledge gaps. Then discuss the following:
Describe the steps necessary to determine what specific criteria within the GLB and SOX laws pertain to this particular type of organization.
Identify the process that will identify how well the organization is in compliance with the criteria.
Explain the selection of team members and process steps from being hired to determine the relevant parts of GLB and SOX through reporting on the identification of compliance levels.