Comply! Resistance is futile
Information Management & Computer Security
ISSN: 0968-5227
Article publication date: 16 October 2007
Abstract
Purpose
The goal of the paper is to detect any gaps in the legislator's and practitioner's approaches in information systems design and implementation and to evaluate their impact on an organizational and managerial level.
Design/methodology/approach
Basic information system requirements are presented for compliance with the Sarbanes‐Oxley Act. These requirements are compared with the provisions made by the vendors (like SAP, Microsoft, etc.) to address the issues raised by the legislators and the OECD's corporate governance principles and guidelines to provide a holistic approach to the problem of corporate governance system alignment.
Findings
The questions raised by the author are: did the legislators encapsulate the real essence of the OECD principles and did the ES designers manage to fully cover the letter and the spirit of the law or find a legalist‐normative solution to the problem of compliance (not alignment) with the laws and principles leading to a deviation from the original principles? It is shown that the latter is the case in a number of systems or modules designed to address the issue.
Practical implications
Practitioners, academics and developers‐vendors may alter their perspective of how an information system is placed within the context of the firm.
Originality/value
A new approach in designing information systems is needed in order to comply with the new legal‐regulatory framework and market needs.
Citation
Lazarides, T. (2007), "Comply! Resistance is futile", Information Management & Computer Security, Vol. 15 No. 5, pp. 339-349. https://doi.org/10.1108/09685220710831080
Publisher
Emerald Group Publishing Limited
Copyright © 2007, Emerald Group Publishing Limited