Big4Guy
Big4GuyWelcome to Big4Guy.com. Big4Guy is an online resource where I will share with you the latest news, insights, knowledge and some experiences as a Big 4 consultant. We will discuss some of the important issues which organisations are facing today in the areas of information security, security and controls in SAP R/3, Oracle Applications, J.D.Edwards, Peoplesoft and various other ERP's. You will also find information on latest complaince regulations like Sarbanes Oxley, Basel II and so on. Big4guy will also attempt to provide valuable resources for individuals interested in examinations the CISA, CISM, CISSP, PMP and various other security certifications considered essential for entry in any Big 4 accounting, auditing and consulting firms. You are invited to post your comments and viewpoints to posts here. I sincerely hope this online journal will be useful to everyone from a budding student to a professional in the accounting, auditing, management and consultancy professions.
|
Post details: Sarbanes Oxley IT Compliance - How to Evaluate IT Controls / Evaluating IT Controls as part of ICOFR
02/16/06
Sarbanes Oxley IT Compliance - How to Evaluate IT Controls / Evaluating IT Controls as part of ICOFR
IT Controls form an important part of internal controls over financial reporting. Any organization these days runs on some sort of application, software or ERP. There is normally a misconception that controls relating to such applications do not form part of internal controls over financial reporting. The truth is controls relating to applications, systems , ERPs etc very much form part of the scope of internal control over financial reporting and therefore need to be evaluated by the management. Considering IT risks such as inaccurate data processing, unauthorized access to systems, unauthorized changes to applicationsunauthorized changes to data, loss of data etc, IT controls become all the more important. Broadly, IT controls either are evaluated at the user level or at the infrastructure / entity level. IT controls in turn covers controls relating to a wide variety of areas. Some of the categories are:
IT General Controls - These include program management, system change, access and authorization controls for programs and data, computer operations, program development, change management etc.
Application and Process Controls - These relate to authorizations, configurations, exception reports, system access related controls, interface controls, output and input controls.
Related Posts on Sarbanes Oxley...............
> Sarbanes Oxley Year Two Compliance , > SOX Learnings from Fortune 500 Companies , > Planning a SOX Implementation Project , > Types of Corporate Fraud
Comments:
No Comments for this post yet...
Categories
Archives
Search
| Mon | Tue | Wed | Thu | Fri | Sat | Sun |
|---|---|---|---|---|---|---|
| << < | > >> | |||||
| 1 | 2 | 3 | 4 | 5 | 6 | 7 |
| 8 | 9 | 10 | 11 | 12 | 13 | 14 |
| 15 | 16 | 17 | 18 | 19 | 20 | 21 |
| 22 | 23 | 24 | 25 | 26 | 27 | 28 |
| 29 | 30 | |||||
Misc
All content copyright © 2005-2008
Big4Guy.com
Do not reproduce either in part or full without the express permission of the
Webmaster
