Use Case

Sarbanes-Oxley (SOX) Testing Compliance Automation

 

Sarbanes-Oxley requires controls around user access management, program changes, and other IT-related processes. By utilizing aggregation and automation, IT and finance departments can apply their evaluation criteria against the total population of the organization’s data.

Risk Reduction

Align with regulatory requirements and have better visibility into testing process

Efficiency Gains

Automate aspects of testing procedures and free up testers to focus on tasks that require a high amount of skill

Bottom-Line Returns

Ensure testing procedures are sound, efficient, and easy to communicate

Business Problem

The Sarbanes-Oxley Act (SOX) requires that IT departments in public companies clearly understand their organization’s financial reporting requirements. IT is also responsible for the support and protection of financial data and the process of reporting it. That includes monitoring and maintaining logs that demonstrate “IT general controls” around user access management, program changes, and other IT-related processes.

SOX compliance thus adds a layer of auditing work for IT departments. Smart IT departments find a way to automate their IT general controls to save them time and effort every year. Plus, the more controls they automate, the fewer controls need to be reviewed by outside auditors.

Analytics Solution

Analytics enables the process of testing IT general controls through automation. They eliminate the need to prove manual controls, which are harder to validate.

With analytics and workflows, companies can apply defined rules to demonstrate that their processes are under consistent control. The rules require employees and users to unequivocally follow established processes. The rules combine with workflows to generate log entries, audit trails, and easy-to-follow reports on compliance. Analytics allows companies to aggregate and automate their testing of IT general controls, then apply criteria such as IT service tickets, HR listings, etc. As SOX has made it increasingly urgent to find and correct errors, automation through analytics provides a necessary alternative to manual review of IT general controls.

 

Additional Resources

 
 
Starter Kit for Office of Finance
Learn More
 
 
Starter Kit for Snowflake

Learn More
 
 
Starter Kit for HR Analytics
Learn More
 
 
Starter Kit for AWS

Learn More
 
 
Automate IT Support Tracking Analytics
Learn More