GSTF Journal on Computing (JoC)

With the rapid evolution of computer systems in business organizations worldwide, use of computer systems must be controlled. Because of the characteristics of information, they may give rise to the security problems of information. Most business organizations rely on business information for decision making and even status reporting to stockholders, misuse of accounting information, fraudulent business activities or misrepresentation of company financial status may arise if there is no control over the data subject, data user and data custodian. Corporate governance is required in this regard. SOX implementation is one of the corporate governance tools and has been compulsorily adopted by all American-related companies as well as being widely adopted by non-American companies globally. This paper reviews past literature on SOX implementation in order to establish whether it can help to eradicate the above problems or only bring burdens to stakeholders.