SOX Testing in IT
Hello!
I’m looking for resources or materials related to SOX testing controls specifically for Information Technology. Any guidance would be appreciated!
- 7 Winnersh Fields, Gazelle Close, Winnersh RG41 5QS
- +44 1189 120700
- Home
- Blog
- Accounts Payable Audits
- Accounting
- Audit
- Home
- Blog
- Accounts Payable Audits
- Accounting
- Audit
© 2025 accountspayableaudit.co.uk. Created for free using WordPress and Kubio
SOX Testing, IT
Latest Comments
© 2025 accountspayableaudit.co.uk. Created for free using WordPress and Kubio
One response
Hi! You can find SOX (Sarbanes-Oxley Act) testing controls related to Information Technology primarily from the following sources:
Internal Controls Frameworks: Frameworks such as COSO (Committee of Sponsoring Organizations) provide guidance on internal controls which can be tailored for IT SOX compliance.
SAS 70/SSAE 18 Reports: If you work with third-party service providers, they may have SAS 70 or SSAE 18 reports that outline the controls they have in place, which can be relevant for SOX compliance.
Professional Organizations: Organizations like ISACA (Information Systems Audit and Control Association) and IIA (Institute of Internal Auditors) often publish resources and guidelines on SOX compliance for IT.
CPA Firms: Many Accounting firms that specialize in SOX compliance provide detailed documentation and templates that can be useful for your testing.
SOX Compliance Software: There are various compliance management tools available that offer built-in controls and testing procedures tailored for SOX requirements.
Regulatory Bodies: The SEC (Securities and Exchange Commission) and PCAOB (Public Company Accounting Oversight Board) issue guidelines that may include IT-related controls relevant to SOX.
Be sure to tailor any controls or templates you find to your specific organizational context, as compliance requirements can vary. Good luck!