The Joy of SOX: Why Sarbanes-Oxley and Service-Oriented Architecture May Be the Best Thing That Ever Happened to You

Hugh Taylor is Vice President of Marketing at SOA Software, the leading provider of management and security solutions for enterprise service-oriented architecture. He is the co-author, with Eric Pulier, of Understanding Enterprise SOA (Manning, 2005). The author of more than a dozen articles and papers on the subject of web services and service-oriented architecture, Taylor is an authority on business process management, SOA, and compliance issues. Taylor received his B.A. degree, magna cum laude, from Harvard College in 1988 and his M.B.A. degree from Harvard Business School in 1992. He lives in Los Angeles.


Acknowledgements.

Introduction.

Part I: The SOX Paradox.

Chapter 1: The Trouble with DexCo.

The Curse of the Adequate Performer.

A Functioning Mess.

Financials.

Hidden Time Bombs.

Summary.

Chapter 2: Agility: The Do or Die Mandate.

New Blood, New Operating Environment.

Moving Targets.

Partnerships.

Rapid Market Cycles.

Technology Shifts.

M&A.

Retail Consolidation.

Regulatory Shift.

Betting the Company.

Outsourcing.

Agility for DexCo.

The Wilde Plan.

Summary.

Chapter 3: Ramifications of SOX 404.

SOX 404—Definition and Context.

SOX 404 and the Audit Process.

COSO at DexCo.

Control Objectives.

Control Components.

Control Environment.

Risk Assessment.

Control Procedures.

Information and Communication.

Monitoring.

Why Linda Is Freaking Out.

Summary.

Chapter 4: Between SOX and a Hard-Coded Place.

Internal Controls and Business Processes.

Internal Controls and Information Technology.

Control Points.

Interdependent Controls.

The FAST Track to a Control Breakdown.

Broken Control Points.

Summary.

Chapter 5: Commit to COBIT?

This Is a High Stakes Game.

Strong Medicine: COBIT.

COBIT: Where IT Enables Controls.

Components of COBIT.

COBIT and Sarbanes Oxley.

COBIT in Depth: The DS 11 Process.

Control Statements.

Key Goal Indicators.

Key Performance Indicators.

Critical Success Factors.

Maturity Models.

Implications of DS 11’s Maturity Scale.

Summary.

Chapter 6: COBIT for Mere Mortals.

The 80/20 Heat Map.

COBIT Implementation.

Finding the Hot Areas for COBIT.

Deep Dive—Maturity of COBIT in a Hot Area.

Deeper Dive—COBIT Issues for a Specific Function.

Deep Dive—Circle Back to COSO.

COBIT and People.

Paying the Tab for COBIT.

DexCo’s Next Steps on COBIT.

Summary.

Chapter 7: The Pain of SOX.

COSO, COBIT, and Controls versus the Wilde Plan.

Flex-acturing.

Distribution.

Marketing.

Organizational Changes.

The Lose-Lose-Lose Proposition.

Think Globally but Act Recklessly.

Comply and Die.

The Remediation Doom Loop.

Non-Compliance Penalties.

Jim’s Big Question.

Summary.

Part II: Thinking Outside the SOX.

Chapter 8: What If?

Back at the Ranch.

Defining Agile Compliance.

Compliance as a Driver of Positive Change.

It’s Happened Before.

Summary.

Chapter 9: The Technology of Agile Compliance.

Living Up to Potential.

The Four Questions.

Mapping Business Process and IT Architecture.

Contractual Relationships.

Process Flow.

IT Architecture.

Is Flex-Acturing Under Control?

Will It Flex?

Answering Dale’s Questions.

What It Will Take to Flex.

Summary.

Chapter 10: The Organization of Agile Compliance.

Challenges to the Agile, Compliant Organization.

Tone at the Top Revisited.

The Accounting Organization.

The IT Organization.

Territoriality, Silos, and Culture.

Requirements for an Agile, Compliant Organization.

Summary.

Chapter 11: The Walk-Through.

Dale’s Need for an Overview.

Agile Compliance—The IT Plan.

Business Process Modeling and BPEL.

Unified Online Workspace.

Centralized User Management.

Application Development and Integration Process.

Agile Compliance and IT—The Sum of Its Parts.

Agile Compliance—The Organizational Plan.

The Agile Compliance Process Plan.

Troubleshooting.

Summary.

Chapter 12: The Pay Off.

Investing in Agile Compliance.

Return on Agile Compliance Investment.

Lower Cost of Compliance.

Operational Savings.

Agility.

Realizing the Wish List.

Summary.

Part III: Actually Doing It—For Real.

Chapter 13: IT Solutions for Agile Compliance.

Defining SOA.

Enterprise Service Bus.

SOBA.

On-Demand Software.

The Promise of SOA for Agile Compliance.

Even a Magic Bullet Can Kill You.

Summary.

Chapter 14: SOX Software.

Taxonomy of SOX Packages.

Shared Workspace.

Documentation Management.

Financial Coordination.

Exception Monitoring.

Internal Controls Modules.

Realizing the Potential of SOX Software.

Putting the SOX Packages into a Compliance Architecture.

SOX Packages and the DexCo Agile Compliance Plan.

Summary.

Chapter 15: FAST or Slow?

SOA for DexCo’s Agile Compliance.

The Agile Compliance Scorecard.

Scoring the Business Processes.

The Next Level: Scoring the Systems.

Back to Reality.

Summary.

Chapter 16: Conclusion.

Consensus.

The Future.

Appendix A: Glossary.

Appendix B: Resources.

Government Bodies and Organizations.

Audit Firms and Analysts That Publish Sarbanes Oxley Research.

Online Resources.

Bibliography.

Books.

Articles.

Reports and White Papers.

Index.


"an engaging and thought provoking book" (Information Age, December 2006)