Auditing Information Systems under SOX: A Practical Approach at the commencement of year 3
Yigal Rechtman, CPA, CFE, CITP, CISM
Presentation Objectives:
- Understand the effects of SOX information technology implementation and auditing
- Risk-based approach to IT audits
Using a service organization
Type 1 reports only concentrate on the design of internal controls.
Using the software development example, the design of the internal controls involves 4 stakeholders and 5 processes: a user (who authorizes), a librarian (who provides code), a developer (who develops code) and a publisher (who puts code into production).
In the following example, there is an appropriate level of segregation of duties between the stakeholders that Authorize, Execute and Retain.
Yigal Rechtman, CPA, CFE, CISM, CITP has been a programmer since 1984, served in the Israeli communication corps from 1986 to 1989 and has worked as a computer consultant in the United States since 1990. Rechtman graduated in 1994 from New York University with a B.A. in computer science, and in 2002 with an M.S. in accounting from Pace University. Rechtman’s articles in various professional publications cover topics on fraud, information technologies, internal controls, audit and accounting. Rechtman is a director and computer specialist at Buchbinder Tunick & Co. LLP (New York, NY).