mercoledì 30 maggio 2007

The Sarbanes-Oxley Act: implications for large-scale IT outsourcing

James A. Hall, Stephen L. Liedtka, "The Sarbanes-Oxley Act: implications for large-scale IT outsourcing", Comm ACM 03-2007

"Until they are certain that outsourcing IT management is the best possible option, firms would do well to maintain and invest in their own in-house IT assets.

Two sections of SOX are especially important to corporate IT departments:
Section 404. Called “Management Assessment of Internal Controls,” it mandates that corporate CEOs implement internal controls over their financial reporting systems, physically test these controls, and certify in writing that they function correctly. As a practical matter, the vast majority of controls are embedded in computer technologies that involve virtually
all of an organization’s financial transaction processing systems; and
Section 302. Called “Corporate Responsibility for Incident Reports,” it requires senior financial executives to disclose deficiencies in internal controls and fraud (whether material or not). Also, public accounting firms must attest in their audit opinions to the adequacy
and function of their client firms’ internal controls. Prior to SOX, auditing standards required
auditors only to be “familiar” with internal controls.

While large-scale IT outsourcing may appear to be a way to address the costs of SOX compliance, outsourcing contracts can actually increase the likelihood that a firm will fail to
comply with both the detail and the spirit of SOX.
Specifically, large-scale IT outsourcing increases the risk that top management and boards of directors will be unable to fulfill their oversight duties; that firms will employ ineffective internal controls over financial statements; that financial reports will be inaccurate
and/or misleading; and that firms will fail to protect shareholder wealth.

Finally, we note that an outsourcing client’s competitive success depends on the vendor’s ability to perform. Electronic Data Systems Corp. (EDS) has demonstrated the potential for vendor failures to have drastic, perhaps unforeseeable, financial repercussions.
EDS has struggled due to a variety of factors, including its own financial reporting failures and the bankruptcies of two of its largest customers—WorldCom and US Airways. In order to cut costs, EDS terminated 7,000 employees, which affected its ability to serve its clients. Following an 11-year low in share prices in 2002, EDS stockholders filed a class-action
lawsuit against the company. Vendors experiencing such serious financial and legal problems clearly threaten the viability of their strategic partners, as well as their ability to maintain internal controls and completely and accurately present financial information."

The effects of online advertising

Scott McCoy, Andrea Everard, Peter Polak, Dennis F. Galletta: The effects of online advertising, Comm ACM 03-2007

"Our findings suggest that advertisements do have significant effects on retention of the site. Also, advertising content that is non-congruent with the site’s content seems to lead to greater effort in reconciling the differing content, and ultimately greater memory of both the Web site and the advertisement. Intrusiveness is also important for both Web site designers and advertisers. Pop-ups and pop-unders seem to be more intrusive than in-line ads, implying
that users should not be interrupted from their online tasks to close the extraneous windows.

Designers should realize the magnitude of ill effects caused by advertising.
Although some of the differences were not large in magnitude, reducing the likelihood of a person’s return by 11% might be a cost that is too great for a site host to bear. Discovering that pop-up and in-line ads differ greatly in measures of intrusiveness, a host might play it safe and make use of in-line ads. As theory and practice begin to converge in this area, perhaps
what has been described so often as a wild new frontier might finally take a few steps toward being tamed."

Theoretical Reflections on Agile Development Methodologies

Sridhar Nerur e VenuGopal Balijepally, "Theoretical Reflections on Agile Development Methodologies", Comm ACM 03-2007 . Con una lista di riferimenti eccellente.

"The progression of thought in software development parallels the maturation of design ideas in architecture and strategic management. The traditional mechanistic worldview is today being challenged by a newer agile perspective that accords primacy to uniqueness, ambiguity,
complexity, and change, as opposed to prediction, verifiability, and control. The goal of optimization is being replaced by flexibility and responsiveness.

The tenets of agile methods depart from the traditional orthodoxy of software development. This shift in philosophy is not unusual, as similar patterns of intellectual evolution have emerged in other disciplines. A look at architecture and strategic management reveals that
the progression of ideas in them is remarkably similar to conceptual pattern shifts in software design."