As security is such a major theme on the Act, many organizations are using the international ISO standards. The ISO 27001 Portal outlines these. A copy of the standards, and security policies, can be obtained via the ISO 17799 Toolkit.
Our server logs indicate some interesting mis-spellings: Sarbannes Oxley, Sorbane Oxley, Sarbanne Oxley, Sarbaines Oxley, Sarbanesoxley, Sorbanes Oxley, Sabanes Oxley, Sarbane Oxley, and Sarbanes Oaxley, to name but a few!
Posted: Tue Jul 04, 2006 10:49 am Post subject: SOX and the IT Interview
You might find it helpful to read through and understand the FAQs on SOX from Protiviti Consulting to help you to prepare for your interview.
English might not be your first language, but you should work to improve it both in writing and in verbal communication.
In my opinion, there is no shortage of technically competent "SOXperts", but it is difficult to identify experienced risk management professionals with exceptional communication and interpersonal skills.
Joined: Jan 12, 2006 Posts: 853 Location: Roanoke, Virginia
Posted: Wed Jul 05, 2006 8:18 am Post subject:
One of the business forums devoted to Project Management has a career section and we are constantly discussing these types of questions.
Some ideas of what might be asked in applying for a SOX related position:
1. Tell me about yourself?
2. What is your current roles and responsibility in your company?
3. What is your experience in the development of SOX related controls?
4. Please describe how you were successful with implementing in SOX related controls? What challenges did you face?
5. Describe your SOX related training
6. Describe your training related to Accounting and financial systems?
7. Describe your IT training and background?
8. Describe techniques used in working with others during SOX implementation (e.g., senior management, business managers, IT teams)
9. Tell me about you would solve an issue where the business professionals and IT do not agree on the approach for SOX implementation?
10. It is important to plan and prepare in advance for any interview Know all of the SOX standards thoroughly, as you might be quizzed on what SOX 302, 404, 409, 902 etc mean ... The same goes for COBIT, COSO, etc. Several good links to help in preparation can be found here:
Be sure to ask at least a couple of questions yourself as it shows both interest and preparation Below are some ideas:
1. How is your business outlook for the coming year?
2. What are the challenges your company is facing?
3. What major projects has your company implemented in the past year?
4. You might ask more specific questions on products or services the company offers from your advance preparation and research of their website (as this is a sign of showing interest).
5. What major projects do you know about that are planned for the coming year?
6. What are your major challenges for SOX implementation?
7. What are the critical success factors you are looking for in SOX implementation?
Note: Focus only on job related questions ... I'd avoid asking detailed questions about salary, benefits, vacations, etc.; as usually HR folks cover this.
Finally, this while this link pertains to the Project Management profession, you can subsitute any job profession here for general principals on ideas for resumes, cover letters, interview preparation, and follow-up.
Add "www" to link below and paste into your browser
Posted: Wed Jul 05, 2006 9:11 am Post subject: SOX and Core Competencies
To prepare for an interview for a SOX position, it might be helpful to Google search on the terms "core competency" and "Auditing". Much of the knowledge, skills, and abilities for success in a career in Auditing are similar to those that would apply for participation on a SOX project.
The AICPA has developed CPA Core Competencies tested on the Uniform CPA Examination. Again, many of these core competencies would apply to SOX and could be used to perform a self-assessment ito help you to determine if you have the requisite skills for SOX.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
Trademarks referenced on the SOX Act Forum are property of their respective owners. Comments are property of their respective posters. Sarbanes-Oxley Act Implementation Portal: Sarbanes Oxley compliance, information, software, & internal audit committee resources. Sarbox. Site source is copyright nuke (c)2003, and is Free Software under the GNU / GPL licence agreement. All Rights Are Reserved.