Primarily as it relates to information security controls, section 404. In order to meet the requirements, a company must show that proper controls are in place for identity management (who has access to the financial records) and data protection and integrity (are the financials valid and un-altered?). He recommends and implements a range of security controls such as proper use of encryption and authentication to help companies achieve SOX 404 compliance.

sllevin, we'll let you know if we find any people for you at his upcoming conference ^ http://www.sans.org/sanslamp04/description.php?tid=55