Sarbanes-Oxley is still of importance to U.S. firms, and is becoming more so as globally similar IT Control government initiatives come due (EU-SOX, J-SOX to name only two). To that affect, whenever I see some helpful information for firms I like to repost it. A nice crosswalk was done here that provides a comparison between the stalwart COSO model for Sarbanes-Oxley and ISO 9001:2000. The table provides a simple down to earth view highlighting what organizations should be considering in their governance programs, and specifically IT Control environments.
The immediate takeaway for readers is that focus on the human side of the business plays a massive role in the achievement of technology safeguards.
Thanks to the author (Sandy) for providing this work, and please add comments to other hidden gems out in the online community.