What comprises most of the work in complying with SOX? 618

  • Hi,
    Just a quick question for all of you IT professionals. In your experience, what comprises a majority of the work in complying with Sarbanes-Oxley? Is it documentation, testing of controls, or anything in particular? I’ve searched for articles relating to this question, but found none.
    I’m an accounting student working on my thesis: Effect SOX has on IT side of business. I’m pretty knowledgable about accouting concepts, but a little weak when it comes to IT techie jargon.
    Thanks in advance

  • IT professionals and SOX…
    It is documentation (IT people hate it :roll: ) and testing.
    It is putting in the same team people with technical background and auditors and asking them to understand each other 8O
    It is that many people with technical background feel that they are undermined… they feel that the company does not trust them… their work is not appreciated…
    It is segregation of duties and change management. Now they must ask permissions every time they want to do something…and they consider it not soproductive (and nobody has respected them explaining the reasons of all these papers)
    It is that many do not understand SOX or they try to use SOX for personal gain.
    It is not work… IT people are not afraid of work.

Log in to reply