Archive for the 'framework' Category

Download sample SOX Segregation of Duties Matrix

A fundamental element of internal control is the segregation of certain key duties. The basic idea underlying segregation of duties is that no employee or group should be in a position both to perpetrate and to conceal errors or fraud in the normal course of their duties. In general, the principal incompatible duties to be […]

Popularity: 2% [?]

July 8th, 2008 | Posted in download, framework, template | No Comments

How to choose the right SOX framework and methodology?

Since there is a lot of framework and methodology available, the company should choose the right framework and methodology that suitable for the company. Some guidance that could be used in these cases is the framework must:
1. Must be directed at the right target (more value from IT)
Since the target is for SOX compliance, the […]

Popularity: 61% [?]

April 11th, 2008 | Posted in FAQ, article, framework, methodology | No Comments

Who has access to system log?

Every company that would comply with Sarbanes Oxley compliances need to carefully design control regarding system log management. From COBIT for SOX published by ISACA we know that we can apply this control statement regarding this case: “System event data are sufficiently retained to provide chronological information and logs to enable the review, examination and […]

Popularity: 69% [?]

April 4th, 2008 | Posted in article, framework, security, software | No Comments