Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec

Guide available for Sarbanes-Oxley IT control objectives

ISACA : 08 December, 2014  (New Product)
ISACA is providing its membership with a free guide to enable them to understand the IT control objectives of the Sarbanes-Oxley regulations
Guide available for Sarbanes-Oxley IT control objectives

To help executives and information technology (IT) professionals focus on performing an IT assessment for financial reporting controls in line with Sarbanes-Oxley and similar legislation, global IT association ISACA has released IT Control Objectives for Sarbanes-Oxley, 3rd Edition.

“Significant changes and enhancements were made in the regulatory environment and with professional guidance in recent years,” said Ken Vander Wal, CISA, CPA, past international president of ISACA. “Coupled with lessons learned that come from a decade of experience in the application of internal controls in a technology landscape, a refreshed approach to Sarbanes-Oxley compliance was needed. This latest guide will help professionals align with these changes in the industry.”

IT Control Objectives for Sarbanes-Oxley was first published in 2004 and has been updated with input and direction from global experts from many organizations, including several accounting and professional firms. Companies worldwide have used it as a tool for design, implementation and assessment of IT controls in support of Sarbanes-Oxley compliance and other global financial reporting requirements.

The third edition is in response to significant changes and updates in the industry. For example, ISACA released COBIT 5, an update to the business and IT framework, in 2012. Many organizations subject to the Sarbanes-Oxley Act have used COBIT 4.1. This guide provides a road map from COBIT 4.1 to COBIT 5 for the design of IT general controls frameworks to achieve and sustain SOX compliance, and for their internal and external auditors and consultants to assess the effectiveness of the control environment. Other changes that prompted the update include:

* The Public Company Accounting Oversight Board (PCAOB) issued Auditing Standard No. 5 (AS 5), “An Audit of Internal Control Over Financial Reporting That is Integrated with An Audit of Financial Statements” in 2007 as a replacement for the prior AS 2. This new standard contained major amendments to the requirements for the audit, including a more risk-based approach.

* The Committee of Sponsoring Organisations of the Treadway Commission (COSO) released its updated Internal Control-Integrated Framework in 2013. COSO is the framework used by most organizations to meet their responsibilities under the Sarbanes-Oxley Act to maintain a system of internal control over financial reporting. ISACA has closely aligned the COBIT 5 framework to COSO.

* Auditors of the organizations that must comply with the Sarbanes-Oxley Act typically rely extensively on independent attestation audits of third-party service organizations. The Auditing Standard Board (ASB) recently promulgated Statement on Standards for Attestation Engagements No. 16 (SSAE16), Reporting on Controls at a Service Organization. SSAE 16 replaces Statement on Auditing Standards No. 70 (SAS 70), Service Organizations, which has been an important element of compliance with Sarbanes-Oxley.

IT Control Objectives for Sarbanes-Oxley, 3rd Edition is available as a free download for ISACA members and is available for purchase by nonmembers.

Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo