|
Sarbanes-Oxley (SOX) Readiness
Sarbanes-Oxley readiness requires a lot more than financial controls – it requires careful attention to your IT infrastructure.
Taos has the IT experience that apps and financial teams typically don’t have. And we’ve already been through the SOX readiness and audit process with multiple clients to help them meet their requirements.
Our SOX Readiness offering is expertly conducted and managed by our Professional Services Group, using our proven vendor-neutral methodology of implementing best-of-breed practices, technologies, and procedures.
We begin by working with you to collect and review all existing documentation, network diagrams, and policies. With that as a foundation, we conduct technical interviews with select members of your team for more detail. We then review the results and provide an objective analysis of your environment and documentation based upon your specific SOX requirements and standards including:
- COBIT – IT control objectives
- COSO – framework for internal controls
- ISO17799 – security standards
- ITIL – Information Technology Infrastructure Library
Next, we work with you to identify gaps and develop a SOX Readiness action plan to implement needed improvements. Deployment of the SOX Readiness plan is accomplished by leveraging and complementing the strengths of your existing staff with select specialists from Taos as needed to get the job done. From project managers to dedicated hands-on system and network administration experts, we offer a variety of engagement styles to fit your needs. With our extensive experience using and supporting a mix of open source, commercial, and custom solutions, we are able to help you achieve the lowest hardware, software, and support costs while rendering the highest degree of usability, security, availability, and SOX compliance.
The result is a SOX-ready operation that includes:
- A robust and secure IT infrastructure
Since 1989 – long before “Sarbanes-Oxley” – Taos has helped companies establish secure and robust IT networks.
- Appropriately defined and verified controls
Risk assessment consultants rarely understand the details of IT. We are armed with real-world examples of IT processes and technologies that meet SOX compliance. Controls are verified as effective through our detailed review of documentation, testing of procedures, and interactive consultation with your pre-auditor or auditor.
- Processes and policies that implement the controls
We have experience working with auditors to map required documentation onto their controls. Through our experience, we have developed an insightful understanding of the infrastructure technologies, architectures, operating procedures, and documentation standards that work. We know the drill and can supply what you need.
- Complete documentation that demonstrates compliance
We interview staff members and write or re-write documentation in a standard format that accurately captures your IT processes, then show how the processes and documentation satisfy the requirements of the auditor.
- Employees who understand and follow the processes
After defining, implementing, verifying, and documenting the processes, we can work with you to develop the necessary training plans and conduct training that assures your employees understand the processes. And we work with you to design and implement a mechanism to assure that processes are followed, tested, periodically reviewed, and updated as required.
We consider your success our success. Contact us today or call us at 1-888-826-7686 to discuss how Taos can help you achieve SOX Readiness.
Next >>
|
