Best place to start 2787

  • Hi all,
    My name is Jacob, and I’ve been doing IT work for about 10 years, primarily installing, configuring and troubleshooting networks.
    I’ve recently come to the conclusion that I am getting kind of burnt out on the Computer industry, and have started looking for a new avenue.
    I worked out a company that implemented SOX compliancy within the organization a couple of years ago, which is where I first became aware of Sarbanes-Oxley. About a year ago, I had the idea of becoming someone that companies would call to see if they are SOX compliant. Well, here I am.
    I’ve done some searching around on the Internet, and came across the forums here (w00t) and look forward to getting to know everyone here during my initiation process.
    I’ve got the Law downloaded, and am currently reading with the intent of understanding, so I’ll be searching the forums for the same questions I have to see if anyone had them.
    Apart from reading, what other resources does everyone recommend? Is it worth going to the bootcamps? I am limited on funds at this time, but am willing to hear all suggestions that can be implemented when times are better, but for the time being, what should I be reading?
    Again, thanks for the forums, and hope all is well with everyone.

  • In addition to the law, I recommend to read:

    1. the SEC’s final rules that implement the law. Look at in the section Final Rulemaking. It is not a complete list of final rules because there have been further rules after this list was created
    2. PCAOB Auditing Standard No. 5 at
      However, it is hard to put things in perspective if you have no prior knowledge of US Securities Law. The Act mostly amends the Securities and Exchange Act of 1934.

  • Before investing too much time and energy into this, I would recommend researching the market demand for IT controls experts who are not part of a public accounting firm. I would think that the demand might be pretty low. You may find the greatest opportunities are within public accounting firms. You could either be on the audit or consulting side.
    Assuming that you are going to leverage your IT background, ensure that you acquire and read the COBIT literature. That is pretty much the Bible of IT controls.
    Best of luck in taking that next step.

Log in to reply