Big4Guy
Big4GuyWelcome to Big4Guy.com. Big4Guy is an online resource where I will share with you the latest news, insights, knowledge and some experiences as a Big 4 consultant. We will discuss some of the important issues which organisations are facing today in the areas of information security, security and controls in SAP R/3, Oracle Applications, J.D.Edwards, Peoplesoft and various other ERP's. You will also find information on latest complaince regulations like Sarbanes Oxley, Basel II and so on. Big4guy will also attempt to provide valuable resources for individuals interested in examinations the CISA, CISM, CISSP, PMP and various other security certifications considered essential for entry in any Big 4 accounting, auditing and consulting firms. You are invited to post your comments and viewpoints to posts here. I sincerely hope this online journal will be useful to everyone from a budding student to a professional in the accounting, auditing, management and consultancy professions.
|
Post details: Sarbanes Oxley Controls Testing Project Management
06/21/06
Sarbanes Oxley Controls Testing Project Management
Sometime back in Januray this year, I had written about how the Project Management Maturity model could be applied to a Sarbanes Oxley 404 implementation. Once the risk and control matrices (commonly known as
RCM's) are ready, companies can go in for testing the controls. Usually, sarbanes oxley controls testing is a time bound plan where resources i.e. testers are identified, testing locations are notified, and a time plan is made. I have seen many SOX directors in companies taking up SOX testing as a project. Usually they apply the same skills they would apply to any important project. SOX Directors need to ensure that the following
areas are taken into account in the testing project.
Scope Management - Testing should ensure that all key controls are tested. Similarly significant accounts which have a direct bearing on financial statements should also be covered. Generally, scope management is to ensure that all significant items have been covered under testing.
Time Management - Time management ensures timely completion of SOX testing. Testing time / schedule allocated for inquiry & observation and for examination & reperformance needs to be strictly adhered to in order to ensure time bound completion.
Cost Management - Cost management takes care of actual project costs against budgets. Costs involved in actual controls testing need to be estimated, budgeted and planned. Comparing Actual Vs. Budgeted costs
of testing is also a part of cost management.
Quality Management - For sarbanes oxley controls testing to achieve its purpose, it should pass the neccesary quality assurance tests. Quality standards for SOX testing are normally laid down by SOX directors / steering committee.
Integration Management - Finally, for successfully managing a SOX testing project, it should be ensured that all the various elements of the project are properly coordinated. This is normally the responsibility of SOX project manager. Project change control, project plan execution and development normally come under integration management.
Related Posts
For the Love of Sarbanes Oxley
Sampe Size Selection for Evaluating Operational Effectiveness
How to Make a Project Plan for SOX Compliance
Indirect Company Level Controls
Comments:
No Comments for this post yet...
Categories
Archives
Search
| Mon | Tue | Wed | Thu | Fri | Sat | Sun |
|---|---|---|---|---|---|---|
| << < | > >> | |||||
| 1 | 2 | 3 | 4 | 5 | 6 | 7 |
| 8 | 9 | 10 | 11 | 12 | 13 | 14 |
| 15 | 16 | 17 | 18 | 19 | 20 | 21 |
| 22 | 23 | 24 | 25 | 26 | 27 | 28 |
| 29 | 30 | |||||
Misc
All content copyright © 2005-2008
Big4Guy.com
Do not reproduce either in part or full without the express permission of the
Webmaster
