Create an account Home  ·  Topics  ·  Downloads  ·  Your Account  ·  Submit News  ·  Top 10  
· Home
· Content
· Directory
· Downloads
· Forums
· Search
· Sox_Admin
· Statistics
· Submit News
· Surveys
· Top 10
· Your Account

Sarbox Compliance
The appropriately named Sarbanes-Oxley Compliance Toolkit includes a whole range of materials specifically put together to both introduce, and take you through this most important of legislation.

For detailed information see the toolkit's own website: Sarbanes-Oxley Compliance

SOX Act and Security
As security is such a major theme on the Act, many organizations are using the international ISO standards. The ISO 27001 Portal outlines these. A copy of the standards, and security policies, can be obtained via the ISO 17799 Toolkit.

The SOX email storage requirements can be fulfilled using the GFI MailArchiver

SOX Advertisers

Sarbanes What?
Our server logs indicate some interesting mis-spellings: Sarbannes Oxley, Sorbane Oxley, Sarbanne Oxley, Sarbaines Oxley, Sarbanesoxley, Sorbanes Oxley, Sabanes Oxley, Sarbane Oxley, and Sarbanes Oaxley, to name but a few!

Sarbanes-Oxley Act Forum: Forums

The Sarbanes Oxley Act :: View topic - Migration to new accounting software
 Forum FAQForum FAQ   SearchSearch   UsergroupsUsergroups   ProfileProfile   Login to check your private messagesLogin to check your private messages   LoginLogin 

Migration to new accounting software

Post new topic   Reply to topic    The Sarbanes Oxley Act Forum Index -> Sarbanes-Oxley: IT Issues
View previous topic :: View next topic  
Author Message

Joined: Jan 16, 2006
Posts: 3
Location: New York / Manhattan

PostPosted: Thu Oct 05, 2006 4:09 pm    Post subject: Migration to new accounting software Reply with quote

What documentation, if any, is neccessary in support of the migration to a new accounting software system? If required would this be captured in a SDLC proc?
Back to top
View users profile

Joined: Oct 17, 2005
Posts: 415
Location: NY

PostPosted: Thu Oct 05, 2006 5:27 pm    Post subject: SOX and Implementation of a New Accounting System Reply with quote


A new accounting system implementation will have significant impact on SOX documentation and related evidence to support the controls over financial reporting.

Yes, the SDLC can be used to support effective change management processes. However, the application controls in the new accounting system will need to be reviewed and tested to ensure that transactions are accurately processed in the new system. Also, significant linkages and data interfaces between source systems and the new accounting system should be reviewed. Data migration issues from the old system to the new system might also require assessment.

Additionally, the SOX business process documentation that addresses the ICFR under the older system might need to be reviewed and updated. If you are simply going to a newer version of an existing accounting system, the upgrade and migration will likely require less effort.

However, the implementation of a new accounting system will generally have a significant impact on SOX process documentation, application controls, and possibly general controls too.

A lot of useful information may be found at The software vendor should also be able to provide technical and user documentation that might be helpful to develop SOX process documentation and design/implement tests of controls.

Hope this helps,

Back to top
View users profile Send email

Joined: Jan 12, 2006
Posts: 853
Location: Roanoke, Virginia

PostPosted: Thu Oct 05, 2006 5:50 pm    Post subject: Reply with quote

Hi Jed - I'd recommend checking with the audit on this for specific requirements, as I've seen quite a bit of variability among companies. The SOX 404 (IT) and other standards are written generically for a wide range of IT systems and technologies. Also YMMV depending on your external auditors requirements.

Several promising links here (add www and paste to browser)

I'm in IT and have designed standards for SOX in the past. Here's a few ideas to start with that I've used as applicable:


1. Formal Project Plan
2. Formal write up of SOX controls to be used - make this a standard for the team
3. Formal and rigid change control on source promotions (e.g., alpha to beta to QA to production)
4. Very Detailed and complete accountability of all financials in the conversion from old to new
5. Appoint SOX coordinator (I've been that on a few projects)
6. Invite Internal Audit to participate and give guidance up front
7. If applicable, invite external Auditors to participate and give guidance up front
8. Documentation standards
9. Create an e-Library of documentation (contrary to popular belief you can do SOX using a paperless aproach.
10. Look at low-cost tools if needed
11. Educate the team in SOX standards, basics, and in-depth as needed
12. Streamline workflows for efficiency ... Do it right so you don't have that 30% overhead as a drag on the project. You still might have some (e.g., 5-10%) as doing the extra work for SOX ain't gonna happen by itself.
13. Have an emphasis of SOX being an important deliverable to the team in the development process as well as the application
14. Work with the users to design and use the best practices for workflow.
etc ...
15. Obtain senior managements support for the extra time and requirements ... That will do wonders for your project.
16. Security, Security, Security ... Best the best controls, autonomy levels, protect workstations and servers, etc.
17. Reconciliation Reports - plan on developing a # of these to compare old v. new systems
18. Make signoffs on the financials a part of the user approval process (it puts the best interest on users to matilously examine test material)
19. Log project history (Promotions, Change control history, correspondence, test plans) in the e-library
20. Revisit your SOX standards and progress at least quarterly.
Back to top
View users profile Visit posters website

Display posts from previous:   
Post new topic   Reply to topic    The Sarbanes Oxley Act Forum Index -> Sarbanes-Oxley: IT Issues All times are GMT - 6 Hours
Page 1 of 1

Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Forums ©

Trademarks referenced on the SOX Act Forum are property of their respective owners. Comments are property of their respective posters.
Sarbanes-Oxley Act Implementation Portal: Sarbanes Oxley compliance, information, software, & internal audit committee resources. Sarbox.
Site source is copyright nuke (c)2003, and is Free Software under the GNU / GPL licence agreement. All Rights Are Reserved.