A proposed revision to the Sarbanes-Oxley Act of 2002 would take a lot of the bureaucracy out of compliance. Under current rules, a company must log every transaction the database administrator performs, so that when the auditors come in, they can see that someone at the company verified all DBA transactions against trouble tickets. Some consider this a big waste of time, considering that no one will know whether or not the DBA actually performed the task. The new standard would relax some of these procedures in favor of a top-down approach, directing the auditor's attention to financial statements and company-level controls rather than "process-level aspects of control." The proposal will go to a vote on May 24th, and if approved, will be sent to the SEC. The goal is to finalize the new rules in time for the next cycle of audits of internal controls for fiscal years ending after Nov. 15, 2007.

Learn more about proposed changes to Sarbanes-Oxley:
- read the blog at InfoWorld

For more on Sarbanes-Oxley compliance:
- see our sister publication FierceSarbox

ALSO:
- read this on why flexible compliance saves time and money
- this on how the New York Stock exchange deals with Sarbox
- and this on how Sarbox work brings financial rewards