Entrepreneurial Spirit. Independent expertise.

SOX 404 Compliance

IT systems are the foundation for many of the critical business processes in an organization. Accordingly, the quality of controls over IT has a direct impact on the effectiveness of controls that manage those critical functions. Scope requirements for many types of audits, such as SOX 404, HIPAA and GLBA include IT general controls related to the security, integrity, confidentiality and availability of the organization’s critical data.

IT Audit Support services are a seamless component of GBQ’s audit services, including financial reporting, internal audit program development, privacy and fraud. Leveraging his operations, security and compliance experience,¬†Mike conducts a focused assessment that fully supports the scope of the audit and addresses the unique operating environment of the client.

A common IT Audit engagement related to Sarbanes Oxley typically includes:

  • Develop appropriate documentation of policies and procedures
  • Facilitate Risk Assessment development
  • Identify and establish relevant Control Objectives and related control activities
  • Develop and execute a management testing program to meet Section 404 reporting requirements

GBQ can structure relationships that:

  • Support and extend existing internal audit resources
  • Provide out-sourced IT Audit management and execution
  • Provide independent testing of internal audit group programs and procedures

IT Internal Audit & Compliance Methodology

  • Michael Dickson
  • Director of Information Technology Services
  • (614) 947-5259