In 2002, the Sarbanes-Oxley Act was passed into law requiring all U.S. based, publicly traded companies to report on the status of their internal controls governing the reporting of financial information. Because of the close relationship between financial reporting and IT, the requirements of the Sarbanes-Oxley (SOX) Act has also greatly impacted IT Governance and the way IT projects are managed. This study is investigating the impact of SOX on IT Project Management within a large corporation. The study is evaluating three areas of impact: 1) The introduction and formalization of internal controls as defined by the COBIT framework, 2) The positive and negative effects on IT project implementation, and 3) The additional costs to an IT project to maintain compliance to the SOX requirement. In addition, the study also considers if the introduction of internal controls has impacted the organization’s development maturity when evaluated against standard maturity models.
Leih, Michael, "The Impact of the Sarbanes-Oxley Act on IT Project Management: A Case Study" (2005). AMCIS 2005 Proceedings. 301.