Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Thursday, December 01, 2005


Spending on Sarbanes-Oxley compliance will top $6 billion in 2006, on par with the $6.1 billion spent in 2005, according to a new report out today from AMR Research Inc.  But the emphasis is shifting, the Boston-based consulting firm found, with a greater percentage of the budget going to technology, as companies seek to automate and monitor the many controls required to comply with the 2002 federal act.  AMR is predicting that budgets allocated to head count will fall by 8% next year to $2.3 billion, or 39% of total spend on SOX compliance.

AMR Research compliance guru John Hagerty attributes the shift in spending in part to better guidance from the Securities and Exchange Commission (SEC) and the Public Company Accounting Oversight Board (PSCAOB), the watchdog for public accounting firms.

AMR found that many companies focused their SOX efforts this year on refining their existing business and IT control in preparation for automating through technology.  According to the AMR survey, more than 80% of companies said they expect to reap business benefits by adding or improving their SOX compliance regimens.

The two biggest areas for SOX investment in 2006, says AMR, will be compliance management software and continuous controls monitoring software.

The report is a sneak peak at the firm’s annual comprehensive survey on SOX spending.,289142,sid19_gci1148856,00.html

Posted on 12/01