COBIT Forums and Information

.: THE CONTROLIT USER GROUP - Dedicated to Supporting COBIT Users:.
   The Independent Support Group for IT Governance and COBIT
   Welcome Guest! Click here to Create A Free Account. March 10, 2014  
 .:Modules
· Trang chủ
· FAQ
· Feedback
· Forums
· Recommend Us
· Search
· Statistics
· Submit News
· Surveys
· Top 10
· Topics
· Web Links
· Your Account


 .:Who's Online
Hiện tại có 100 khách và 4 thành viên đang online.

Bạn là khách. Bạn có thể đăng kí bằng cách nhấn vào đây


 .:COBIT Trademark
COBIT is a trademark of the Information Systems Audit and Control Association and the IT Governance Institute.

ISACA/ITGI does not endorse, approve or sponsor any activities identified on this web site, nor is ISACA/ITGI affiliated in any manner with this web site, the activites hereunder, or the ControlIT User Group.


 .:Search




 .:Security Resources
ISACA
BS7799
Security Policies


 .:Page Views
Chúng tôi đã nhận
16102389
lượt xem từ Sept 2004


COBIT Forums and Information: Forums

ControlIT User Group: COBIT :: View topic - Beginner's Questions: SOX & COBIT
 Forum FAQForum FAQ   SearchSearch   UsergroupsUsergroups   ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Beginner's Questions: SOX & COBIT

 
Post new topic   Reply to topic    ControlIT User Group: COBIT Forum Index -> The Sarbanes-Oxley Act
View previous topic :: View next topic  
Author Message
queenbee
Newbie
Newbie


Joined: May 09, 2006
Posts: 1

PostPosted: Wed May 10, 2006 5:58 am    Post subject: Beginner's Questions: SOX & COBIT Reply with quote

Hi,

I need to implement SOX compliance in my company. How do COBIT and SOX relate to each other?

While implementing COBIT, do I need to implement all the 318 control objectives?

What is section 404 and where does that come into the picture?

I am new to this field and would appreciate any help.

Thanks.
Back to top
View user's profile
Calvin
Newbie
Newbie


Joined: Sep 13, 2006
Posts: 13

PostPosted: Thu Sep 14, 2006 4:22 am    Post subject: Reply with quote

Refer to the Document IT control Objectives for Sarbanes Oxley (2nd Edition) from ITGI where a mapping is provided between PCAOB suggested IT processes for SOX compliance and COBIT elements. But this is for IT process level controls and not IT ELC.

The document is a Exposure draft and its not a final release.

Calvin
Back to top
View user's profile
chip_council
Newbie
Newbie


Joined: Apr 04, 2007
Posts: 5
Location: Minneapolis, MN

PostPosted: Thu Apr 05, 2007 6:13 am    Post subject: Reply with quote

Calvin wrote:
Refer to the Document IT control Objectives for Sarbanes Oxley (2nd Edition) from ITGI where a mapping is provided between PCAOB suggested IT processes for SOX compliance and COBIT elements. But this is for IT process level controls and not IT ELC.

The document is a Exposure draft and its not a final release.

Calvin


If your Assurance function is becoming too complicated you may also want to look at the Universal Compliance Project (itcinstitute.com)

Chip
_________________
Chip Council, PhD, CISM
Senior Process Analyst - Target Corporation
Senior Lecturer, Carlson School of Management, University of Minnesota
Adjunct Professor, Department of Computer Science, Department of Information and Computer Sciences, Metro State U
Back to top
View user's profile Send e-mail Visit poster's website
jgrisi
Newbie
Newbie


Joined: May 08, 2007
Posts: 1

PostPosted: Tue May 08, 2007 11:48 pm    Post subject: Re: Beginner's Questions: SOX & COBIT Reply with quote

queenbee wrote:
How do COBIT and SOX relate to each other?

COBIT is an IT governance frame work that can help you achieve SOX compliance for IT. There are others (ITIL, CMM, Six Sigma, etc.), but COBIT is a generally accepted standard.

queenbee wrote:
While implementing COBIT, do I need to implement all the 318 control objectives?

You could, if you had the time and resources. You'll more then likely find yourself implementing the controls that best help your company. Remember that there is a business objective driving your need to implement COBIT.

queenbee wrote:
What is section 404 and where does that come into the picture?

Section 404 is a section of the Sarbanes Oxley Act that pertaints to management's assessment of internal controls. This basically means an internal audit, whether done in-house or contracted out to a consultant. 404 is necessary for the completion of Section 302, the sign-off of corporate officers on internal controls.

Check out the IT Control Objectives for Sarbanes Oxley (as mentioned above):
isaca.org/Content/ContentGroups/Research1/Deliverables/IT_Control_Objectives_for_Sarbanes-Oxley_2nd_research.pdf

Hope that helped!

Josh
Back to top
View user's profile
Display posts from previous:   
Post new topic   Reply to topic    ControlIT User Group: COBIT Forum Index -> The Sarbanes-Oxley Act All times are GMT + 10 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Powered by phpBB 2.0.10 © 2001 phpBB Group
phpBB port v2.1 based on Tom Nitzschner's phpbb2.0.6 upgraded to phpBB 2.0.4 standalone was developed and tested by:
ArtificialIntel, ChatServ, mikem,
sixonetonoffun and Paul Laudanski (aka Zhen-Xjell).

Version 2.1 by Nuke Cops 2003 http://www.nukecops.com

Forums ©

 

COBIT trademark of ISACA. Logos & trademarks property of respective owners. Comments property posters. Site 2006 The ControlIT User Group.
Software copyrighted 2005, and is free under GNU and GPL licence. Noc 5/2006
 
How to make money online