IT Risks and Controls

Newsletter
IT Risks and Controls

Guide to the Sarbanes-Oxley Act: IT Risks and Controls (2nd Edition)

Guide to the Sarbanes-Oxley Act: IT Risks and Controls (Second Edition) provides guidance to Section 404 compliance project teams on the consideration of information technology (IT) risks and controls at both the entity and activity levels within an organization. Questions and answers in the book focus on the interaction between the IT organization and the entity's application and data-process owners, and explain the implications of general IT controls and how they are considered at the process level. This guide also explores how application-control assessments are integrated with the assessment of business-process controls, and addresses documentation, testing and remediation matters.

 

Ready to work with us?