Also known simply as “Sarbanes Oxley” or “SOX,” the Sarbanes-Oxley Act of 2002 was passed in the wake of a number of corporate accounting scandals at companies like Enron and Arthur Andersen, which came to light after the year 2000.
Signed on July 30, 2002, the legislation’s goal is to create oversight at publicly traded companies and independent auditors so investors are not fooled by phony profits and revenue. Among the several results of Sarbanes-Oxley is the creation of an oversight board for accounting firms that audit publicly traded companies. It also stresses independence of auditors and financial analysts; addresses corporate responsibility at publicly traded companies; and protects whistleblowers.
At no point does the word “software” appear in the text of the Sarbanes-Oxley legislation. But in order to achieve the type of audit trails and records keeping required to be in compliance, most companies will use some type of content or records management software.
Section 404 of Sarbanes-Oxley is widely cited in the literature of software companies. It requires each annual report of a publicly traded company to contain an “internal control report”, which states the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting; and contains an assessment of the effectiveness of the internal control structure and procedures of the issuer for financial reporting.
Section 409 says that companies must disclose information on material changes in the financial condition or operations of the issuer on a rapid and current basis.
To read a summary of the entire Sarbanes-Oxley legislation, visit: http://www.aicpa.org/info/sarbanes_oxley_summary.htm.