This is an essay about the implications for software testing of the US’s Sarbanes-Oxley (SOX) corporate governance legislation passed in 2002.
“What implications?”, you may well ask. That is the point. There has been a lot of misunderstanding about SOX, and unchallenged assumptions that it requires testers to adopt a more document heavy, scripted approach then they would otherwise have done. This article tries to provide some balance. Testers who are doing the job in a responsible manner would be unlikely to have to change their approach significantly to cope with SOX.