Big4Guy

Confessions, Thoughts, Observations and Musings of a Big4Guy

Big4Guy

Welcome to Big4Guy.com. Big4Guy is an online resource where I will share with you the latest news, insights, knowledge and some experiences as a Big 4 consultant. We will discuss some of the important issues which organisations are facing today in the areas of information security, security and controls in SAP R/3, Oracle Applications, J.D.Edwards, Peoplesoft and various other ERP's. You will also find information on latest complaince regulations like Sarbanes Oxley, Basel II and so on. Big4guy will also attempt to provide valuable resources for individuals interested in examinations the CISA, CISM, CISSP, PMP and various other security certifications considered essential for entry in any Big 4 accounting, auditing and consulting firms. You are invited to post your comments and viewpoints to posts here. I sincerely hope this online journal will be useful to everyone from a budding student to a professional in the accounting, auditing, management and consultancy professions.

Post details: Testing and Evaluating Controls Design at the Company Level - Sarbanes Oxley

09/02/06

Permalink 05:07:46 am, Categories: Sarbanes Oxley, 208 words   English (US)

Testing and Evaluating Controls Design at the Company Level - Sarbanes Oxley

Designing effective internal controls requires a strong management commitment. Sarbanes Oxley is more than just documenting controls and testing them for effectiveness. The seeds of a strong control environment are sown at the company level. Without effective company level controls, it is really difficult to envisage strong transaction level controls. In a recent conference on SOX held in New York, a partner from one of the big 4 accounting firms gave a presentation on some of the key things to keep in mind while designing and testing company level controls for sarbanes oxley compliance. I jotted the key notes from his presentation. His explanation on designing company level controls revolved around the following points.

1. Code of Conduct

2. Risk Assessment Process followed by management

3. Whistleblower program and its effectiveness

4. Internal Audit Function and its role in the organization

5. Antifraud controls and proactively monitoring fraud risks

6. Process followed for remediation of control deficiencies and control exceptions

7. Role of audit committee, SOX steering committee in overall governance and regulatory compliance

8. Lastly, process by which information is communicated and dispersed across the organization.

Related Posts on Sarbanes Oxley

CPA's Role in Sarbanes Oxley Auditing
Computer Assisted Auditing Techniques for SOX
Using Control Matrix to Document Risks and Controls
Key Benefits of Section 404 Implementation

Permalink Leave a comment

Comments:

No Comments for this post yet...

Official Websites

Categories


Archives

  • SAP GRC Virsa Rule Sets Updates
  • SAP MM Requirements for Setting up Plant
  • Lessons Learned Log for ASAP Implementation
  • SAP Solution Configuration Realization Phase
  • SAP MDM Master Data Import Manager Loading Data into SAP MDM
  • Compliance Calibrator SOD Conflicts Remediation Strategy
  • SAP Workload Analysis Monitor Tools ST03N
  • SAP BW Data Staging Basics Tutorial
  • How to Implement BW Infoobject Level Security
  • SAP BW Admnistrator Authorizations S_RS_ADMWB
  • BIW Reporting Auth Objects S_RS_COMP
  • SAP BW Security Authorization Objects for SAP BW
  • more...

    • Search

    Google

    Web Big4Guy.com

    September 2008
    Mon Tue Wed Thu Fri Sat Sun
    <<  <   >  >>
    1 2 3 4 5 6 7
    8 9 10 11 12 13 14
    15 16 17 18 19 20 21
    22 23 24 25 26 27 28
    29 30          

    Misc

    Syndicate this blog XML

    What is RSS?