Step 6: Managing and tracking compliance

01 Feb 2006

Most organizations, even small ones, recognize that SOX compliance is a project in and of itself. In the near term, defining tasks like risk assessment, gap analysis, policy and procedure writing, design changes, external consulting, and audits may appear to be one-time tasks. However, as the COSO and COBIT processes suggest, internal control is a continuous process that requires complete integration into the fabric of the organization.
Organizations must establish communications and tracking mechanisms that allow business and technical representatives to understand how each other's processes affect financial reporting accuracy and the state of the controls in each space. There are compliance tracking software packages designed to provide these capabilities. At the very least, a shared information exchange portal (e.g., SharePoint) can be used to great advantage by providing a common place to communicate the progress of compliance activities.

