A SAS-70 (Statement Auditing Standards 70) is an audit that must be conducted by a public accounting firm, and the team that performs the audit must be made up of and supervised by CPAs. That being said, many firms require SAS-70s to be performed because they process financial transactions on behalf of other institutions.
The SAS-70 is a specialized report format that was developed by the American Institute of Certified Public Accountants (AICPA). The format was specifically targeted at determining the adequacy of an organization’s internal controls as part of its service offering. The report covers the following areas:
- Physical security (more…)
Popularity: 31% [?]
Some of direct or indirect benefits of ITIL/ITSM for Sarbanes Oxley (SOX) 404:
1. Sarbanes Oxley Act or SEC give no clear guidance for IT, so most of the CIO will enable the IT Infrastructure Library (ITIL), to ensure that their processes for supporting financial data are sound.
2. Sarbanes Oxley Act is about assessing risk. While risk assessment is an element of ITIL, it isn’t the framework’s primary focus.
3. The Sarbanes-Oxley Act requires only that companies establish controls over the systems relating directly to financial reporting. ITIL, Cobit and other frameworks for IT help companies put in place general controls for IT a good thing to have, but much broader than the narrow scope required by law. (more…)
Popularity: 31% [?]
Download free Taxation Testing Control Matrix and SOD Templates.
This templates covers Major process in Taxation cycle which are:
- Verification of Income Tax
- Verification of Accuracy of Tax Calculation
- Review and Ensure the the Tax Calculation is follow the standards
Segregation of Duties between:
- Authorization
- Custody of Assets
- Recording (more…)
Popularity: 41% [?]
Download Free IT Risk Mitigation Templates for Sarbanes Oxley compliances purpose or others related Regulatory Compliance that require an IT Risk Mitigation, this template is created using NIST-SP 800:30 standard for Risk Management Guide for Information Technology Systems. Including Prioritize Actions, Evaluate Recommended Control Options, Conduct Cost-Benefit Analysis, (more…)
Popularity: 69% [?]
Segregation of Duties should be enacted properly especially in the area that having a high risk level. Below sample of the SOD Matrix template that can be used to make your own segregation of duties matrix. Some of the key profile that covered in this templates are: (more…)
Popularity: 74% [?]