Feds Reach Out and Touch IT: Page 16 of 31

Sarbox will be remembered as the regulation that fights the good fight against corporate fraud and abuse. But for IT, Sarbox means Uncle Sam is demanding corporate accountability in financial reporting systems. If that does not happen, heads may roll. Anyone who falsely certifies that financial conditions and the results of operations are accurate while knowing that they do not reflect financial reality will be fined up to $1 million or imprisoned up to 10 years--or both.

But there is a rhyme to all the government's reasons for Sarbox. Investors will be more confident when reviewing financial reports and more willing to invest. Unfortunately for the public, the reporting requirements do not go into effect for most companies until April 15, 2005.

Sean Doherty is a technology editor and lawyer based at our Syracuse University Real-World Labs®. A former project manager and IT engineer at Syracuse University, he helped develop centrally supported applications and storage systems. Write to him at [email protected].

Post a comment or question on this story.

The Law and IT

It's bottom of the ninth, two outs for the good old days of enterprises exercising sole control over how their sensitive business data was stored, distributed, used and protected (or the not so-good-old days if you worked for Enron or had personal data stolen). The federal government is getting in the game with a vengeance with GLBA, HIPAA, the Patriot Act and the Sarbox Act. For now, only companies that deal with private health and financial data are affected, but others should take note: As Uncle Sam flexes his regulatory muscles--and hands out some fat fines--more types of industries could be affected.