In 2005, after significant staff increases takes affect, the SEC will begin massive, quarterly and yearly IT security audits to certify all public companies. Lack of IT certification will lead to fines up to $5 million and prison time up to 20 years for willful violation. The law does not stop at U.S. borders; it extends to overseas operations of companies publicly traded on U.S. exchanges. In this book, readers will learn what it takes to design an information technology infrastructure capable of protecting the privacy and access integrity of computer data, particularly in the Web applications environment.