The Sarbanes-Oxley Act of 2002 was created to restore investor confidence in the public markets. The Act requires management to establish and maintain internal control - and requires the independent auditors to evaluate.

Preparing for compliance is a significant task. Processes need to be identified and controls need to be documented/tested. Current auditor rules require consideration of "IT". Auditors and management are required to document and assess the effectiveness of IT controls over the financial reporting process.

With the dependence on IT for reliable financial reporting processes, IT plays a key role in compliance with Sarbanes-Oxley. Companies should ensure IT has an active role in compliance efforts.