Few people are speaking about tangible approaches for information technology (IT) to comply with such legislation as the Sarbanes-Oxley Act, Basel II requirements, and the USA Patriot Act. However, I will highlight a framework that includes practical approaches enabling organizations to build a compliance system once that can meet current and future government requirements.

While I will focus on Sarbanes-Oxley (SOX) as an example of how to apply the framework, the framework is flexible enough that it can easily be adapted to meet other government requirements, such as those mentioned above. With regard to SOX, the framework identifies the key technology areas enterprises must leverage to meet the stipulations of the Act, and offers "best practice" advice for a smoother implementation.

SOX Framework
The Sarbanes-Oxley Act was passed in July 2002 to protect the investing public from officers of corporations and auditing firms who fraudulently misrepresent the financial stability of the corporation.

Sarbanes-Oxley Act mandates accuracy in financial statements and disclosures to a level unprecedented in recent history. Certifying corporate officers must know, not just believe that their company's public financial statements are accurate and complete. The law also makes specific provisions for the retention of documents surrounding the audit process and public notifications due to material events.