姓名 |
林墾懋(Ken-Mao Lin)
畢業系所 |
資訊管理學系在職專班 |
論文名稱 |
摘要(中) |
美國企業集團安隆(Enron)公司、世界通訊(WorldCom)等公司連續爆發做假帳醜聞後,美國政府為了重拾投資大眾的信心,強化企業財務資訊的透明度與可信度,於2002年7月30日簽署了沙賓法案(Sarbanes-Oxley Act),其中的404章節內容規範公開公司必須建置並維持有效的與財務報導有關之內部控制,對企業資訊科技的治理產生很大的影響。
摘要(英) |
With the innovation of information technology (IT), various kinds of information systems have been applied to the enterprise. Taking advantage of the network, there are lots of commercial activities going through the Internet as well. A significant portion of enterprise operations are relying on the information technology, making the IT-related company governance an important issue that businesses have to deal with.
As a reaction to a number of major corporate and accounting scandals, including Enron and WorldCom, the Sarbanes-Oxley Act of 2002 (SOX) is a United States federal law enacted on July 30, 2002 to rebuild public confidence, strength the visibility and reliability of finance statements. In Section 404, the Act requires management to build and maintain an adequate level of internal control over financial reporting. It also has significant impact on the IT governance.
This research is an exploratory research to provide an overview of the procedure that the case company implemented SOX. The study also reviewed the frameworks related to IT governance, including COSO, COBIT as well as Sections 302 and 404 of SOX. The result of study shows that the case company experienced problems in different aspects including system, manpower and technical knowledge. After many years of auditing and remediation, the company has made great improvement to SOX compliance and IT governance. The research finally provides the implementation framework and suggestions from the case study.
關鍵字(中) |
★ 資訊稽核 ★ 資訊科技治理 ★ 沙賓法案 |
關鍵字(英) |
★ SOX compliance ★ IT governance ★ IT audit |
論文目次 |
目 錄
摘 要 I
Abstract II
誌 謝 III
目 錄 IV
圖目錄 VI
表目錄 VII
第一章 緒論 1
1.1 研究背景與動機 1
1.2 研究目的 3
1.3 論文架構 3
第二章 文獻探討 5
2.1 COSO內部控制標準 5
2.2 沙賓法案 12
2.3 COBIT資訊科技控管目標 19
2.4 COSO、沙賓法案與COBIT之關聯 23
第三章 研究方法 28
3.1 研究設計 28
3.2 研究流程 29
3.3 研究限制 30
3.4 個案公司選擇 31
第四章 個案研究與分析 32
4.1 個案公司簡介 32
4.2 沙賓法案實施的挑戰 33
4.3 因應對策 35
4.4 實施細節及初始測試 40
4.5 改進之道 55
第五章 研究結論與建議 60
5.1 研究結論 60
5.2 研究建議 63
參考文獻 65
指導教授 |
王存國(Eric Wang)
審核日期 |
2009-7-10 |
