Archive for the 'framework' Category

ITIL Maturity Assessment Report Templates

Download Free ITIL (Information Technology and Infrastructure Library) Maturity Assessment Report Templates. This Template could be used as part of your SOX/Sarbanes Oxley Assessment for IT Readiness

This ITIL Assessment Report focusing on ITIL area such as: Service Desk, Incident Management, Problem Management, Change Management, and Service Level Management. The result of this report which contain […]

Popularity: 11% [?]

SOX vs JSOX vs Bill 198 vs Clerp 9: Global SOX version around the world

Everyone talks about Sarbanes-Oxley (SOX), but it’s certainly not the only law shaping governance today. Numerous countries have enacted legislation to improve governance. As with the United States, many of these countries have passed legislation in response to the outcry over corporate scandals. Although they differ by name, the laws passed by various countries have […]

Popularity: 12% [?]

Download sample SOX Segregation of Duties Matrix

A fundamental element of internal control is the segregation of certain key duties. The basic idea underlying segregation of duties is that no employee or group should be in a position both to perpetrate and to conceal errors or fraud in the normal course of their duties. In general, the principal incompatible duties to be […]

Popularity: 89% [?]

How to choose the right SOX framework and methodology?

Since there is a lot of framework and methodology available, the company should choose the right framework and methodology that suitable for the company. Some guidance that could be used in these cases is the framework must:
1. Must be directed at the right target (more value from IT)
Since the target is for SOX compliance, the […]

Popularity: 28% [?]

Who has access to system log?

Every company that would comply with Sarbanes Oxley compliances need to carefully design control regarding system log management. From COBIT for SOX published by ISACA we know that we can apply this control statement regarding this case: “System event data are sufficiently retained to provide chronological information and logs to enable the review, examination and […]

Popularity: 15% [?]