Free Pricing | JCPenney Coupons | Pizza Hut Coupons | Home Depot Coupons
Lessons learned from Sarbanes-Oxley testing

Lessons learned from Sarbanes-Oxley testing

by Rick Turoczy on February 4, 2005

In an incredible delivery point this year, my team came through. Recently, at an office get-together, we had the opportunity to catch up on the year and some of the Sarbanes-Oxley Act initiatives that we will never forget.

We laughed about the late nights in the data center auditing the systems administrators, flying across the country to place boot-time passwords on critical systems and just making the best of a government mandate when there seemed to be so little information out there for interpreting this topic.

It became evident that the lessons learned from 2004′s Sarbanes-Oxley initiatives could be broken down into three areas: clarity, planning and a repeatable process.

It was critical early on that we needed to be clear on which systems were to be included in the Sarbanes-Oxley audit. While we used a Big Four accounting firm as a trusted adviser, the scope (the systems to be included in the compliance audit) was best defined by the internal data protection manager and a third-party organization that helped us prepare for our Sarbanes-Oxley testing. It was a powerful advantage that the definition of systems as being in scope and identified for testing was a combined effort of our IT audit company, the internal operations teams and the accounting team.

Lessons learned from Sarbanes-Oxley testing

Leave a Comment

Previous post:

Next post: