The appropriately named Sarbanes-Oxley Compliance Toolkit includes a whole range of materials specifically put together to both introduce, and take you through this most important of legislation.
As security is such a major theme on the Act, many organizations are using the international ISO standards. The ISO 27001 Portal outlines these. A copy of the standards, and security policies, can be obtained via the ISO 17799 Toolkit.
The SOX email storage requirements can be fulfilled using the
GFI MailArchiver
SOX Advertisers
Sarbanes What?
Our server logs indicate some interesting mis-spellings: Sarbannes Oxley, Sorbane Oxley, Sarbanne Oxley, Sarbaines Oxley, Sarbanesoxley, Sorbanes Oxley, Sabanes Oxley, Sarbane Oxley, and Sarbanes Oaxley, to name but a few!
Sarbanes-Oxley Act Forum: Forums
The Sarbanes Oxley Act :: View topic - CSOX - SOXBase Certification and SOXPro
Posted: Sun Jul 24, 2005 8:15 pm Post subject: CSOX - SOXBase Certification and SOXPro
Hi,
Has anyone considered attempting this certification? And is this certification recognised?I would be interested in gaining a qualification in this area however I am struggling to find information on it other than the fact that it exists.
I have taken and passed this certification examination test. I am also a certified instructor located in the Atlanta area and I am holding class in the Atanta area on the 29-30th of January. If you are interested in this course, please feel free to give me a call. 678-247-3616.
I am not really sure about the value of this certification and acceptability. Can someone in the forum throw some more light on these two certifications in terms of value and acceptability.
Joined: Jan 03, 2006 Posts: 5 Location: Bangalore, India.
Posted: Wed Mar 15, 2006 6:27 am Post subject: Re: CSOX - SOXBase Certification and SOXPro
I've heard of this as well.. the program was scheduled to be conducted by a Sanjay Anand. I'd appreciate views on the value/acceptance of this certificate..
Feroz.. _________________ IntelleSecure presents resouces and expertise on SAS70, SOX, Security Awareness, CISSP, BCP & DR, BS 7799, ISO 17799, Computer Forensics, Web Application Security, Ethical Hacking, PT & VA, Advanced Intrusion Analysis.
Mr Sanjay Anand is in fact the chairman of SOX Institute in US. He is a very well known consultant. He has conducted several SOX programmes in US as well as in Asia and participants from companies like IBM, Symantec, FedEx, Moores Rowland etc., gave very good feedback on the courses he conducted.
The SOX certification by SOX Institute is in fact the only kind of recognition in SOX available at the moment. I can't comment on the exact value but it certainly does carry some weight as you need to pass a SOX exam before you can use the CSOX title.
Joined: Nov 25, 2004 Posts: 787 Location: London, UK
Posted: Fri Jun 23, 2006 6:25 am Post subject:
Not convinced that a SOx certification is of any value. _________________ "The art of life is to deal with problems as they arise, rather than destroy one's spirit by worrying about them too far in advance" - Cicero
In an earlier post (see above), I believe that the general consensus was that CISA, CPA, and CIA were value-add certifications. The new SOX certifications though might require passing a test, but are not recognized in the industry or are considered when selecting professionals for participation on a SOX implementation project.
Joined: Sep 21, 2004 Posts: 149 Location: Northern Europe
Posted: Mon Jun 26, 2006 10:36 am Post subject:
So what you're saying is that it carries as much weight as buying a diplom from a university you found online?
I've found that you do not need any qualifications as long as you have a background that in some way can be useful. _________________ Sarbanes Oxley Advisor
I do agree that SOX Certification at this moment does not carry as much weight as other certifications out there. However, what I feel is that SOX certification is more of an assurance to employers cause employers may not necessary know your background in SOX but with a certification they are more likely to believe that you know your SOX
Joined: Jan 12, 2006 Posts: 849 Location: Roanoke, Virginia
Posted: Thu Jun 29, 2006 5:47 am Post subject:
As we've discussed in previous posts, the major designations (e.g., CPA, CISSP, CISA, PMP, etc.) are going to help the professional more significantly in their career. The major certification programs are far more difficult exams that might be seen as the equivalency of another four year degree by employers..
While some of the new SOX designations probably won't help as much from a career perspective, they might offer good training and certainly it's a little more info on the resume or cover letter to help someone. For example, if I had to take training specifically for SOX at work and could also achieve a professional designation I'd at least look at it. Even though it's not widely recognized, the training program and course material looked good to me.
Still, individuals should fully assess both costs and any annual on-going fees associated with these programs. They should research on Monster, Dice, or other employment sites whether they might make a difference -- so far I've not seen a demand other than for the major designations.
I also agree with Irqui that a person's experience, professional skills, work ethics, willingness-to-learn and past accomplishments are significantly more important than any certificate.
Joined: Nov 25, 2004 Posts: 787 Location: London, UK
Posted: Mon Jul 03, 2006 4:10 am Post subject:
Ultimately, the guts of SOX is nothing new which is why I see little value in these certifications.
There is one component that is internal control over financial accounting processes that is "bread and butter" CPA work, and the second is control over information systems which is core IT audit work (hence CISA, etc.). _________________ "The art of life is to deal with problems as they arise, rather than destroy one's spirit by worrying about them too far in advance" - Cicero
Ultimately, the guts of SOX is nothing new which is why I see little value in these certifications.
There is one component that is internal control over financial accounting processes that is "bread and butter" CPA work, and the second is control over information systems which is core IT audit work (hence CISA, etc.).
I have to disagree - "bread and butter" CPA work is not internal control over financial accounting processes. Before SOX, CPA's barely knew a thing about controls, I had to explain controls to a partnet from D&T. Controls have always been the brad and butter of the CISA (and the CIA), heck the word control is in their association title.
It has always astounded me that people look for CPA's for their SOX work first. I look for them behind CIA's and CISA's. Their are more CPA's out there now with good controls "sense", but it has taken awhile for them to learn good control design beyond what was once needed to satisfy their Audit plans.
Regards,
Frank Steele CPA, CIA, CISA (CISM too, and note I still ist CPA first
P.S. Ihave been doing SOX since December 2002, and I never heard of or have seen any CSOX designation come across my desk.
Now I am working on the NASD's version of SOX for Brokerages, NASD rules 3010, 3012 and 3013, controls over operations in brokerages. Fun stuff.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
Trademarks referenced on the SOX Act Forum are property of their respective owners. Comments are property of their respective posters. Sarbanes-Oxley Act Implementation Portal: Sarbanes Oxley compliance, information, software, & internal audit committee resources. Sarbox. Site source is copyright nuke (c)2003, and is Free Software under the GNU / GPL licence agreement. All Rights Are Reserved.
Forum FAQ
Search
Usergroups
Profile
Login to check your private messages
Login
