IT Organization Management Re-Structuring Recommendations? 53
-
I am in an IT organization. We are preparing to restructure our leadership to ensure that we have the quality controls in place to comply with S-O. We are looking to have our Quality Assurance, Process Improvement and Auditing offices fall under the same director. Does anyone see a problem with this or have recommendations (or documents) for optimum organiztional structure :?:
-
This post is deleted!
-
This post is deleted!
-
This post is deleted!
-
This post is deleted!
-
This post is deleted!
-
This post is deleted!
-
This post is deleted!
-
This post is deleted!
-
This post is deleted!
-
This post is deleted!
-
This post is deleted!
-
This post is deleted!
-
The director isn’t the problem…In a way every organisation has one director…
The issue is the people below him…are there people who qualify to assure a good control mechanism / quality and seperation of functions …
-
I don’t agree with that. Espacially sox requires key-controls, their test and external auditors to look for indicators and prove of management override of internal controls.
From my point of view having one director for all of the mentioned departments it is a strong indicator that mangement overrides can occur. The fish stinks from the head. I would at least seperate the internal Auditors to a different director.
-
I would have to agree with Holger. SOX was designed to demonstrate internal control over management and the Board. Since Audit is such a key role, independence would be a strong control. Audit departments need to be free to provide whistle blowing, etc.
-
According to me every company has one general manager/director…
The main issue is here:
Does he has (qualified) managers below him who can provide and assure a good internal control.
Offcourse there still has to be as Holger allready said also an external auditor on regular base to check the quality of those internal checks and controls.
-
Not all companies have only one general director. I believe most of the sec listed companies will at least have a board of directors and a supervisory board in one or the other way. Therefore it shouldn’t be a problem to assign the internal audit function to a different board member or to the supervisory board. The company should be able to demonstrate a proper segregation of duties.
-
The company should be able to demonstrate a proper segregation of duties.
In smaller companies it is enough for the director to delegate this duties…
furthermore I agree with you.
-
Good modules for your CMS makes the whole transition easier.