Please note that the content on this page is retired. This content is not maintained and may contain information or links that are out of date.

Sarbanes-Oxley (SOX) is here to stay for small to mid-sized enterprises (SMEs), which the Securities and Exchange Commission (SEC) defines as any publicly traded company with less than $75 million in market capitalization. Despite the fact that auditing standards have been adjusted for smaller organizations, many SMEs still need to prioritize and strengthen those internal IT controls that protect information assets.

The Information Systems Audit and Control Association (ISACA) is the organization that sets standards for auditing and grants certification to auditors. New studies from ISACA pinpoint the top controls that are the most important for SMEs. This research note discusses:

  • The latest SOX developments in the SME space.
  • Key findings from the ISACA study.
  • Which tactics SMEs can use to satisfy internal IT controls.

SMEs must implement control objectives for compliance and improved security, but have limited means to do so. The ISACA study prioritizes the most important IT controls so that SMEs can get on top of their control game.

Related Content

Hide Details

Search Code: 9198
Published: March 14, 2007
Last Revised: March 14, 2007


Get Access

Get Instant Access
To unlock the full content, please fill out our simple form and receive instant access.