Take a look at the new paper just published this month regarding SOx and TFS 2010.
This paper provides an overview of the Sarbanes-Oxley Act of 2002 (also known as SOx) as it relates to software development practices and the associated risks to financial systems. Visual Studio Team Foundation Server 2010 can be used to reduce many of those risks and provide evidence as proof of compliance for auditors.
http://msdn.microsoft.com/en-us/library/gg983694.aspx
