CHAPTER TWO

Fundamental Governance Concepts and Sarbanes-Oxley Rules

AS WE DISCUSSED IN CHAPTER 1, the term enterprise IT governance is not new, but it is a concept that has meant different things to different people. The concept of enterprise governance has been evolving over recent years, at least in the United States. As a response to ongoing cycles of business frauds and failures, particularly in the latter decades of the past century, there has been an increased emphasis on embellishing enterprise codes of conduct and establishing what are called corporate ethics departments. This author got involved in corporate governance issues when he directed the internal audit function for a large U.S. corporation and was asked to chair a task force and take leadership for the company to revise many internal rules, rewrite its code of conduct, and establish an ethics function for that company in response to a major threat of litigation involving consumer fraud. Strong enterprise governance practices were established for that company, although they emphasized general operations, with little emphasis on IT systems and operations.

Enterprise governance issues became increasingly important in the first years of this century when the United States experienced a series of major corporate failures that were generally caused by accounting misdeeds and financial fraud. The notorious poster boy for this period was the commodities trading firm Enron. Its sudden and unexpected failure was based ...

Get Executive's Guide to IT Governance: Improving Systems Processes with Service Management, COBIT, and ITIL now with the O’Reilly learning platform.