6. Resource question. 371

Resource question. 371

  • H

    You should be aware, that there won’t be a ready to use checklist. SOX requires you to aim at the Controls within your financial statements environment. How you will acomplish that is up to you. They only point out some helpful frameworks.
    As to your list of risks. I would look closely at them and measure if they really impact the financial statements. If so I would add assertions to those risks, to show that you made a link to COSO. After that you go to the process documentation. That’s to enable you to show what your key controls in the process are and where they reside within the process. Than you go back to your risk template and add the key controls to the identified risks to show that you meet all of your assertions.
    After that the Testing starts.
    Have fun…

    0
  • S

    Hi there,
    What you to do is to look at SoX from a business prospective. you do not need to be an IT guru to implement COBIT.
    Regards

    0
Log in to reply