Big4Guy

Confessions, Thoughts, Observations and Musings of a Big4Guy

Big4Guy

Welcome to Big4Guy.com. Big4Guy is an online resource where I will share with you the latest news, insights, knowledge and some experiences as a Big 4 consultant. We will discuss some of the important issues which organisations are facing today in the areas of information security, security and controls in SAP R/3, Oracle Applications, J.D.Edwards, Peoplesoft and various other ERP's. You will also find information on latest complaince regulations like Sarbanes Oxley, Basel II and so on. Big4guy will also attempt to provide valuable resources for individuals interested in examinations the CISA, CISM, CISSP, PMP and various other security certifications considered essential for entry in any Big 4 accounting, auditing and consulting firms. You are invited to post your comments and viewpoints to posts here. I sincerely hope this online journal will be useful to everyone from a budding student to a professional in the accounting, auditing, management and consultancy professions.

Post details: Evaluating Program Development Controls SOX ITGC

02/16/07

Permalink 04:42:10 am, Categories: Sarbanes Oxley, 193 words   English (US)

Evaluating Program Development Controls SOX ITGC

Testing and evaluating the program development controls is essential as part of the overall ITGC framework. For Sarbanes Oxley, program development mainly refers to new systems and applications being developed are authorized, tested, approved, properly implemented and documented. Some of the program development controls that should form part of testing are included below. Though the list below is only indicative, and there may be more controls depending upon the IT environment.

1. SDLC is followed for development of new systems used in financial reporting.
2. All systems developed are tested throughly before being put in production environment.
3. All systems developed are approved by the senior business management.
4. User acceptance testing UAT is done for new systems before the same are rolled out.
5. Controls which are affected as a result of design and implementation of new systems are modified to reflect such changes.
6. Data migrated to newly developed systems is tested.
7. User trainings are conducted as part of the new system implemntation.
8. New systems and programs are restricted from unauthorized access in the production instance.

Related Posts

Sarbanes Oxley Policies and Procedures
Sponsorship for Internal Audit SOX
Testing Protocols for Sarbanes Oxley 404
Corporate Governance Best Practices

Permalink Leave a comment

Comments:

No Comments for this post yet...

Official Websites

Categories


Archives

  • SAP MM Requirements for Setting up Plant
  • Lessons Learned Log for ASAP Implementation
  • SAP Solution Configuration Realization Phase
  • SAP MDM Master Data Import Manager Loading Data into SAP MDM
  • Compliance Calibrator SOD Conflicts Remediation Strategy
  • SAP Workload Analysis Monitor Tools ST03N
  • SAP BW Data Staging Basics Tutorial
  • How to Implement BW Infoobject Level Security
  • SAP BW Admnistrator Authorizations S_RS_ADMWB
  • BIW Reporting Auth Objects S_RS_COMP
  • SAP BW Security Authorization Objects for SAP BW
  • How to Create SAP Report Variants and Variables
  • more...

    • Search

    Google

    Web Big4Guy.com

    June 2008
    Mon Tue Wed Thu Fri Sat Sun
    <<  <   >  >>
                1
    2 3 4 5 6 7 8
    9 10 11 12 13 14 15
    16 17 18 19 20 21 22
    23 24 25 26 27 28 29
    30

    Misc

    Syndicate this blog XML

    What is RSS?