出版社:International Association for Computer Information Systems
摘要:Everybody in today’s highly networked corporate world is aware of the need for information security, since information is undeniably among an enterprise’s most valuable assets. Therefore having a sound protection and data integrity infrastructure is paramount for corporate survival. In Puerto Rico, there are no regulations or formal standards regarding Information Technology (IT) governance for government agencies or small companies. Only companies which have their headquarters in the continental U.S., banking and pharmaceutical industries that are required to comply with Sarbanes Oxley (SOX) regulations are enforcing relevant control management models. Even though SOX compliance at first may seem to be an accounting and auditing matter, IT is at the heart of the issue. This is because the accuracy of financial reports relies in large part on decisions made by IT professionals. In this paper, we develop a framework for information technology governance even in organizations that are not specifically required to comply with SOX in Puerto Rico.
关键词:Sarbanes Oxley; Information Technology;Governance; Puerto Rico; Information Systems;Controls.
