This is a wonderful article. However, compliance on current systems was required by 12-31-04. New systems must be documented and tested as they are procured or created.
This would have been excellent guidance for when I started my process in the middle of 2003.
Thank you.
Discussion on:
View:
Show:
I agree this is a very useful article. However I must point out that it is still very timely for firms for whom the Sox compliance deadline is still to come -- public companies under $75 Mln, some with overseas operations, and some whose fiscal 2004 doesn't end until 2005.
The date by which a company has to be compliant is driven by their fiscal calendar. This isn't Y2K where all systems needed to be compliant by a common date.
There are many companies still undergoing testing and remediation.
There are many companies still undergoing testing and remediation.
...Compliance isn't a once-and-out exercise. S-Ox audits are with us for the long run. Every year auditors will come looking for evidence of remediation and to make sure no new issues have arisen.
One item mentioned repeatedly was effectivness. Get real! There is never enough time or money to do it right. Get it done - get us in compliance and we'll worry about tomorrow later.
Pls visit www.approva.net and take a look at their product offerings for enterprise controls management
- Keyboard Shortcuts:
- Prev
- Next
- Toggle
