Certification 2099

  • Hopefully someone can help me.%0AI work for a company that develops a point of sale - inventory management - accounting package for retail stores. 98% of our clients are privately owned but we have a small % that are publically traded. How or where - can I find information on getting our software certified as being compliant with SOX requirements?%0AThanks in advance

  • To my knowledge, there is no such certification.
    What you do need to do, is ensure that your software offers good controls over access to the various modules to help a user maintain good segregation of duties.

  • Hi - As an IT professional, I also agree Kymike that there is no official software certification firm that brands financial packages as being ‘Sox compliant’. However, many vendors advertise that their products are ‘Sox compliant’ or ‘help meet Sox compliancy needs’.
    In my experiences, I’ve found that SOX compliant software should have these attributes:

    • Strong internal application security controls
    • Autonomy and approval controls (flexible based on table driven rules)
    • Change management integration
    • Ability to tailor and adapt for workflow requirements (e.g., Separation of Duties)
    • Could be tailored to meet COBIT 4.0 requirements
      This general search may help also:
      Please add copy to browser and add www
      google.com/search?hl=en-and-q=sox compliant software

  • Thanks for the replies.
    This is very helpful

Log in to reply