Artikel in Tagungsband INPROC-2006-81

Agrawal, Rakesh; Johnson, Christopher M.; Kiernan, Jerry; Leymann, Frank: Taming Compliance with Sarbanes-Oxley Internal Controls Using Database Technology.
In: Liu, Ling (Hrsg); Reuter, Andreas (Hrsg); Whang, Kyu-Young (Hrsg); Zhang, Jianjun (Hrsg): Proceedings of the 22nd International Conference on Data Engineering -- ICDE '06..
Universität Stuttgart, Fakultät Informatik, Elektrotechnik und Informationstechnik.
IEEE Computer Society, Januar 2006.
DOI: 10.1109/ICDE.2006.155.
Artikel in Tagungsband (Konferenz-Beitrag).
CR-Klassif.H.2.4 (Database Management Systems)
K.4.1 (Computers and Society Public Policy Issues)

The Sarbanes-Oxley Act instituted a series of corporate reforms to improve the accuracy and reliability of financial reporting. Sections 302 and 404 of the Act require SEC-reporting companies to implement internal controls over financial reporting, periodically assess the effectiveness of these internal controls, and certify the accuracy of their financial statements. We suggest that database technology can play an important role in assisting compliance with the internal control provisions of the Act. The core components of our solution include: (i) modeling of required workflows, (ii) active enforcement of control activities, (iii) auditing of actual workflows to verify compliance with internal controls, and (iv) discovery-driven OLAP to identify irregularities in financial data. We illustrate how the features of our solution fulfill Sarbanes-Oxley requirements using several real-life scenarios. In the process, we identify opportunities for new database research.

Abteilung(en)Universität Stuttgart, Institut für Architektur von Anwendungssystemen, Architektur von Anwendungssystemen
Eingabedatum30. April 2008
   Publ. Institut   Publ. Informatik