Basic Knowledge 288
Denis last edited by
An observation I’ve made is that many of the questions on this site seem to stem from a basic lack of knowledge of what SOx is (and isn’t). I thought it might be useful to provide a few links to excellent sources of information:
PwC: Several white papers and links to other information from here:
Protiviti: There are 4 PDFs to download from here including an excellent guide to S404 and also one for S302
COSO: Not as useful a site as one would hope, but nevertheless it is the model we’re all using.
ISACA: Unfortunately you don’t get access to the entire CobIT framework without buying it, but there are a number of useful links here. Pay particular attention to the IT Control Objectives for Sarbanes-Oxley which is a very useful paper that maps the CobIT objectives to COSO.