presented by laurie leblanc softlanding systems l.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
How to Achieve SOX Compliance Faster PowerPoint Presentation
Download Presentation
How to Achieve SOX Compliance Faster

Loading in 2 Seconds...

play fullscreen
1 / 48

How to Achieve SOX Compliance Faster - PowerPoint PPT Presentation


  • 141 Views
  • Uploaded on

Presented by Laurie LeBlanc SoftLanding Systems. How to Achieve SOX Compliance Faster. Agenda. SOX : Opportunity or Burden? IT Control Framework Software Tools Change Management Testing Security Q & A. The Sarbanes - Oxley Act of 2002. Opportunity or Burden?. An Annual Event.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'How to Achieve SOX Compliance Faster' - vinnie


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
agenda
Agenda
  • SOX : Opportunity or Burden?
  • IT Control Framework
  • Software Tools
    • Change Management
    • Testing
    • Security
  • Q & A
the sarbanes oxley act of 2002
The Sarbanes - Oxley Act of 2002

Opportunity or Burden?

an annual event
An Annual Event
  • Title IV Sect 404 - Each annual report must include an “internal control report”
    • The CEO/CFO are responsible for an adequate internal control system
    • Must identify internal control framework used
    • A certified assessment by the CEO/CFO of the control’s effectiveness
    • An external auditor must alsoattest to the accuracy of these assertions
cobit control objectives for it
COBIT (Control Objectives for IT)

COBIT - IT Governance Maturity Model

0. Non-Existent

1. Initial / Ad Hoc

2. Repeatable but Intuitive

3. Defined Process

4. Managed and Measurable

5. Optimized

slide8

COBIT and SOX

  • 300+ specific COBIT objectives
  • Of those, 164 pertain to SOX
  • Of those, 64 can be met with SoftLanding tools
for instance
For instance…
  • Job Change and Termination (P07.8)
    • Management should ensure that appropriate and timely actions are taken regarding job changes and terminations so that internal controls and security are not impaired by such occurrences.
  • Software tools do not apply
slide10

However…

  • System Software Change Controls (A13.6)
    • Procedures should be implemented to ensure that system software changes are controlled in line with the organization’s change management procedures.
  • Change Management tools directly apply
auditing specific changes
Auditing Specific Changes
  • Easy to audit full lifecycle
    • Initial request
    • Task approval
    • Development work
    • Testing results
    • Change approvals
    • How & when changes went live
  • All from a single iSeries database
turnover change management15
TurnOver Change Management

Repeatable process

plus:

  • Approval enforcement
  • Authorities by application & development level
  • Change history
  • Standardized controls
turnover workflow
TurnOver Workflow

COBIT Section A14 – Develop & Maintain Procedures

issue tracking
Issue Tracking

COBIT Section DS10 – Manage Problems and Incidents

project management
Project Management

COBIT Section PO10 – Manage Projects

project management21
Project Management

Repeatable workflow

& authorities:

  • Save time
  • Increase control
  • Improve predictability
development
Development

COBIT Sections A16 & DS9 – Manage Changes – Manage the Configuration

development28
Development

TurnOver provides for:

  • Object stamping and versioning
  • Emergency changes
    • Pre-established criteria
    • Done within the system
  • Audit trail of all program changes
test deploy
Test & Deploy

COBIT Section A15 – Install & Accredit System

test deploy30
Test & Deploy

TurnOver will:

  • Create/maintain test environments
  • Facilitate communication between dev, QA, users & project managers
  • Enforce approval procedures
  • Provide audit trail
production
Production

COBIT Objectives A15.12 & A16.8 – Promotion to Production – Distribution of Software

testbench
TestBench

COBIT Sections A15 and PO10

- Install/Accredit Systems

- Manage Projects

testbench38
TestBench

COBIT Objective A15.7 – Testing of Changes

COBIT Objective A15.11 – Operational Test

testbench39
TestBench

COBIT Objectives: A12.15, A13.4, A15.6, 15.8 PO10.8-9, PO10.11

testbench40
TestBench

COBIT Objective A15.9 – Final Acceptance Test

security tools
Security Tools

COBIT Section DS5 –Ensure Systems Security

powerlock networksecurity
PowerLock NetworkSecurity

Covers COBIT Objectives:

DS5.2, DS5.3, DS5.7, DS5.10 and DS5.11

powerlock securityaudit
PowerLock SecurityAudit

Covers COBIT Objectives:

DS5.1, DS5.2, DS5.4, DS5.5, DS5.9, DS5.10

visual security
VISUAL Security

Covers COBIT Objectives:

DS5.6, DS5.7, DS5.10 and DS5.11

softmenu
SoftMenu

Covers COBIT Objectives:

DS5.3, DS5.4, DS5.5 and DS5.9

experience counts
Experience Counts

"TurnOver and SoftMenu played a big part in ourpreparations for Sarbanes-Oxley compliance.They're always very strong during audits – they're never challenged."

— Jerry Bell Director of Systems Development Oshkosh B'Gosh Inc.

thank you
Thank You!
  • Contact SoftLanding to discuss how our products can help you achieve SOX compliance faster:

(800) 545-9485 or (603) 924-8818

  • Email lauriel@softlanding.com:

For questions related to this Presentation

• SoftLanding SOX Resources Page:

www.softlanding.com/sox