In some of the recent corporate scandals, senior executives “doctored the books” and misrepresented the corporate financial status of the company. In others, transactions were created to and from inert or false companies to enhance the bottom line. All of these actions required some intervention and dependence on current or new IT systems. As a result the Federal Government passed the SOX regulations in 2002-2003 and the Dodd-Frank Financial Reform law in 2010.
Do you feel the information technology group could or should identify (expose) these fraudulant practices?
What do you feel the responsibilities of the CIO are relative to internal fraud and illegal activities?
Is the CIO ethically responsible for how the network and computing “utility” within the company is used?
Is it an IT responsibility to build and install systems that cannot be compromised?
Does the information technology have the responsibility to ask “why” a business function is needed when a system is built?
Does the internal or external audit function have any responsibility in guiding the development of new Information Technology systems? Explain.