The Role of Information Systems Auditors in Enhancing Compliance with SOX and FFIEC Standards in Banking
Posted: Dec 10, 2016
Abstract
This research examines the critical role of Information Systems auditors in enhancing compliance with Sarbanes-Oxley Act (SOX) Section 404 and Federal Financial Institutions Examination Council (FFIEC) guidelines within the banking sector. Through comprehensive analysis of 320 compliance audits across 65 U.S. banking institutions from 2012-2015, this study develops a multidimensional framework for evaluating IT control effectiveness under regulatory standards. The findings demonstrate that organizations with integrated IS audit functions achieve 42% higher compliance rates with SOX Section 404 requirements and 58% faster remediation of FFIEC-identified control deficiencies. The research introduces the Regulatory Compliance Maturity Model (RCMM), which identifies five critical dimensions influencing audit effectiveness: control environment assessment, documentation rigor, testing methodology, deficiency management, and continuous monitoring. Statistical analysis reveals strong correlation (r=0.81, p¡0.001) between RCMM scores and regulatory examination outcomes. Banks with mature IS audit capabilities experienced 67% fewer material weaknesses in internal controls and reduced compliance-related costs by 31% through optimized audit processes. These findings underscore the strategic value of IS auditors in navigating complex regulatory landscapes and provide practical frameworks for enhancing compliance effectiveness while reducing associated burdens.
Downloads: 73
Abstract Views: 2254
Rank: 462700