Big4Guy

Confessions, Thoughts, Observations and Musings of a Big4Guy

Big4Guy

Welcome to Big4Guy.com. Big4Guy is an online resource where I will share with you the latest news, insights, knowledge and some experiences as a Big 4 consultant. We will discuss some of the important issues which organisations are facing today in the areas of information security, security and controls in SAP R/3, Oracle Applications, J.D.Edwards, Peoplesoft and various other ERP's. You will also find information on latest complaince regulations like Sarbanes Oxley, Basel II and so on. Big4guy will also attempt to provide valuable resources for individuals interested in examinations the CISA, CISM, CISSP, PMP and various other security certifications considered essential for entry in any Big 4 accounting, auditing and consulting firms. You are invited to post your comments and viewpoints to posts here. I sincerely hope this online journal will be useful to everyone from a budding student to a professional in the accounting, auditing, management and consultancy professions.

Post details: IT Risks Controls Evaluation - Important IT Controls for Sarbanes Oxley Section 404

02/26/06

Permalink 10:36:59 pm, Categories: Sarbanes Oxley, 228 words   English (US)

IT Risks Controls Evaluation - Important IT Controls for Sarbanes Oxley Section 404

IT controls are an important part of any organizations control environment. An organization needs to evalute the risks surrounding its IT environment and come up with controls to mitigate such risks. IT risks and controls evaluation have become all the more important in light of the requirements of Section 404 of the Sarbanes Oxley act. An organization should evaluate its information technolgy risks and controls during its Section 404 evaluation project.

Let me explain. An enterprise needs to evaluate IT risks at an early stage. This is important because when the 404 project compliance team decides the overall plan for evaluation of internal controls over business processes, the Sarbanes Oxley Section 404 compliance team needs to understand how IT controls will impact the overall control environment. Information technology controls include IT entity level controls and general IT controls at the process level. After a preliminary evaluation of the entity and general IT controls, the 404 compliance project team should decide which controls to document and evaluate so that management can arrive at a conclusion on internal controls over financial reporting. If technology controls are weak, management would need to lay extra emphasis on documentation and evaluation. On the other hand, if the IT controls are strong, the amount of effort involved would definetly be less.

Related Posts

Sarbanes Oxley and XBRL
Sarbanes Oxley Automation Softwares
Internal Control Maturity Framework
Sarbanes Oxley Cost Reduction

Permalink Leave a comment

Comments:

No Comments for this post yet...

Official Websites

Categories


Archives

  • SAP GRC Virsa Rule Sets Updates
  • SAP MM Requirements for Setting up Plant
  • Lessons Learned Log for ASAP Implementation
  • SAP Solution Configuration Realization Phase
  • SAP MDM Master Data Import Manager Loading Data into SAP MDM
  • Compliance Calibrator SOD Conflicts Remediation Strategy
  • SAP Workload Analysis Monitor Tools ST03N
  • SAP BW Data Staging Basics Tutorial
  • How to Implement BW Infoobject Level Security
  • SAP BW Admnistrator Authorizations S_RS_ADMWB
  • BIW Reporting Auth Objects S_RS_COMP
  • SAP BW Security Authorization Objects for SAP BW
  • more...

    • Search

    Google

    Web Big4Guy.com

    September 2008
    Mon Tue Wed Thu Fri Sat Sun
    <<  <   >  >>
    1 2 3 4 5 6 7
    8 9 10 11 12 13 14
    15 16 17 18 19 20 21
    22 23 24 25 26 27 28
    29 30          

    Misc

    Syndicate this blog XML

    What is RSS?