pop avata

BPO Journal

Sunday, May 15, 2005

Of SOX Compliance, and IT and Process Controls

Internal control over financial reporting, as mandated by Section 404 of SOX, is, to a large extent, contingent on allied process and technology controls.

The following document provides a beginner's guide to three popular frameworks or methodologies that bring discipline to software development and IT processes. These include: ITIL, a library of best practices for the provision of quality IT services, COBIT, an IT governance framework that can be applied to the entire IT realm and its processes in general, and the Capability Maturity Model (CMM), a more detailed and granular approach to controlling individual processes within the IT realm. It also investigates the role of software configuration management (SCM) and process/workflow management solutions in implementation of critical processes that provide reliable data for an IT audit.

For a comprehensive treatment of IT controls as they pertain to internal control over financial reporting, refer to the document "IT Control Objectives for Sarbanes-Oxley" authored by the IT Governance Institute (http://www.itgi.org).

Outsourcing news
Blogcritics: news and reviews Blogarama - The Blog Directory Blogwise - blog directory Listed on BlogShares

     Take this Offshoring Survey