Article: What to Expect in an IT Audit
If you are wondering what happens in an IT audit in the post-SOX world, see the newly posted article IT Audits: What to Expect in the Digitial Library section of the Messaging and Web Security Community site. The article discusses the major areas of audit procedures and provides information on some of the auditing standards commonly used.
The article starts with:
The section of the Sarbanes-Oxley Act (SOX) known as SOX 404 has gotten much attention from IT management. This is not a passing fad; there will not be any regulatory equivalent of a dot com bust—compliance with SOX 404 is here to stay in some form or another. In fact, even if SOX 404 is changed, as many have argued for, other regulatory schemes are in place that influence how IT does its job. With these regulations come requirements for verification—and that means auditing.
Standards and frameworks discussed include:
* Statement of Accounting Standards 94 (SAS 94)
* Committee of Sponsoring Organizations (COSO)
* Control Objectives for Information and related Technology (COBIT)
Links to resources are also provided.
Email This!
Digg it!
Sphere it!
Del.icio.us
Reddit!
Newsvine
