Frank plea for help 174



  • My company is embarking on Sarbanes very late having been privately held and wishing to float in 2005. I’ve been speaking to other companies and most took the approcah on IT to issue a control questionnaire to their various locations and then verify the answers.
    Does anyone have samples of the questionnaires they sent out that I can steal from shamelessly? I have nothing to offer but heartfelt thanks and gmail ID invites…
    there are only 10 kinds of people - those who understand binary and those who don’t



  • This post is deleted!


  • This post is deleted!


  • Hi:
    Send me your private email and details in what areas of IT do you want to cover for your company?
    Depending on the role of IT in your company, the depth of audit points may vary.
    Send me more info on your company and your contact details and I will send in couple of CSA templates
    Madhav Vedula CISA
    Sr. Internal Auditor
    mvedula_at_go.com
    Sr.



  • Billem
    Visit isaca.org. Great source of information in particular look for their IT control objectives document that has the ideal controls that should be inpalce already.
    One other point, sending out questionaire would not be the best answer to do SOX. SOX requires a lot of judgement and guidance and to be honest is currently very vague. I would make an effort to have face to face discussions. In fact, I have just been to 7 countries in the last month preaching the risks of SOX for my client and the feedback was that there was no way they could of known the requirements through questionaire.
    Bad idea mate.


Log in to reply