The Sarbanes-Oxley act introduces a new set of requirements into software development. Corporations need to assess their internal control effectiveness for business processes to show compliance with the act. This paper proposes a conceptual framework for integrating Sarbanes-Oxley compliance needs into the software development process by mapping the various stages of the software development process with an established framework for internal controls.