Beruflich Dokumente
Kultur Dokumente
Sarbanes-Oxley
Act:
Automate
Compliance
Processes
Throughout
System Lifecycle
Jeanne Morain
Transaction
Walkthroughs
(PCAOB p71-
82)
Finance Systems
Interfaces
Procurement System
Flow
IT General Controls
IT Application Controls
Control Documentation
A significant task!
Work involved depends on companys
starting point on control documentation
Many companies dont have good control
documentation.
Number of impacted systems could include
over 100 individual application systems.
Manually obtaining the list
of impacted systems
can take months
Control Documentation
Minimum Requirements for Control
Documentation
Control gaps
Associated risks
Control activities
Control testing
& evaluation
Plans to fix the gaps
Control Framework
BUSINESS OBJECTIVES
COBIT
INFORMATION
effectiveness
efficiency
confidentiality
integrity
availability
compliance
reliability
MONITORING
IT RESOURCES
DELIVERY AND
SUPPORT
PLANNING AND
ORGANIZATION
data
application systems
technology
facilities
people
ACQUISITION AND
IMPLEMENTATION
S-OX/404 Compliance
The control evaluation, documentation
and testing are major tasks involving
significant allocations of resources
primarily people and software.
Implementation of systems based control
software should result in process /
control consistency and a reduced
investment of people resources for
the control evaluation efforts.
Compliance Automation
Automated Business Processes throughout Client Lifecycle
Data Center
Procurement
Provisioning
Partners/Customers
Outside
The Firewall
Help Desk
Call Center
Network
Operations
End Users
Regulatory
Controls
Inside/Outside
The Firewall
Remedy Solutions
Marimba Solution
Marimba Desktop/Mobile/Server
Management Solution
Marimba Integration for Remedy, is a jointly developed, fullydocumented productized integration that features: