RETIRED CONTENTPlease note that the content on this page is retired. This content is not maintained and may contain information or links that are out of date.
Enterprises that must comply with Sarbanes-Oxley (SOX) need to conduct a pre-audit that tests the integrity of internal controls before external auditors arrive for the yearly SOX audit. To do this, IT must:
- Map the definition of an internal control to the system processes and applications within IT's control.
- Understand the meanings of different control types.
- Test controls using standardized control test sheets.
The guidance provided by this worksheet will help publicly-traded enterprises – as well as private organizations simply looking to strengthen security – reduce the risk of poor audit results.