SOX-online news is updated daily.

SEC  Sarbanes-Oxley Opinions
Compliance with SOX
Approaches
Costs
Implications of SOX
Questions to Answer
Section 404 Preparation Checklist
The Basics
Governance
Corporate Governance
COSO/COBIT
IT Governance
SEC and PCAOB
Security
The Act Itself
Humor
Dear Ms. SarBox
Shocking SOX Stuff
In the Spotlight
Companies & People in the Spotlight
Compensation
Hall of Shame
Sarbanes & Oxley
News & Commentary
Commentary
Latest News
Ms. Sarbox's Private Collection: News Archive by Topics
Press Releases
Numbers & Words
Quote Us
Soundbites
Statistics
Surveys
The SEC is very clear about internal controls:

We believe that each company should be afforded the flexibility to design its system of internal control over financial reporting to fit its particular circumstances. Source: http://www.sec.gov/rules/final/33-8238.htm#iib3a.

In this same final rule, the SEC says:

The methods of conducting evaluations of internal control over financial reporting will, and should, vary from company to company. Therefore, the final rules do not specify the method or procedures to be performed in an evaluation.

They go on to discuss the COSO framework:

...we have modified the final requirements to specify that management must base its evaluation of the effectiveness of the company's internal control over financial reporting on a suitable, recognized control framework that is established by a body or group that has followed due-process procedures, including the broad distribution of the framework for public comment.

The COSO Framework satisfies our criteria and may be used as an evaluation framework for purposes of management's annual internal control evaluation and disclosure requirements. However, the final rules do not mandate use of a particular framework, such as the COSO Framework, in recognition of the fact that other evaluation standards exist outside of the United States, and that frameworks other than COSO may be developed within the United States in the future, that satisfy the intent of the statute without diminishing the benefits to investors.

Why you need both an Accounting and an IT framework.
Back to the main COSO & COBIT page.

Sarbanes-Oxley News Articles
Articles about the affect of Sarbanes-Oxley on accounting and accountants  Accounting
Articles about the affect of Sarbanes-Oxley on auditing and auditors and internal auditors  Auditing
Articles about the affect of Sarbanes-Oxley on Board of Directors and corporate executives  Boards & Executives
Articles concerned with Sarbanes-Oxley compliance costs, including tools, Sarbanes-Oxley software, or other costs  Compliance Costs
Articles about ethics or advice regarding Sarbanes-Oxley compliance  Ethics & Advice
Articles about legal issues affecting Sarbanes-Oxley tools, applications, or approaches  Legal Issues
Press Releases about Sarbanes-Oxley tools, applications, approaches, events, or other news  Press Releases
 Articles about record retention and Sarbanes-Oxley tools, applications, or approaches  Record Retention
Articles about the SEC and the PCAOB and their affect on Sarbanes-Oxley tools, applications, or approaches  SEC & PCAOB
Articles about affect of Sarbanes-Oxley on small companies and private companies  Small & Private
     Companies
Articles about basic Sarbanes-Oxley information  SOX Primer
Article about Sarbanes-Oxley tools, applications, or approaches  Tools & Software
Article about Sarbanes-Oxley whisteblowing or whisteblowers  Whistleblowing