Presentation is loading. Please wait.

Presentation is loading. Please wait.

Www.softlanding.com The Software Management Experts How to Achieve SOX Compliance Faster Presented by Laurie LeBlanc SoftLanding Systems.

Published byJody Tate Modified over 9 years ago

Similar presentations

Presentation on theme: "Www.softlanding.com The Software Management Experts How to Achieve SOX Compliance Faster Presented by Laurie LeBlanc SoftLanding Systems."— Presentation transcript:

1 www.softlanding.com The Software Management Experts How to Achieve SOX Compliance Faster Presented by Laurie LeBlanc SoftLanding Systems

2 www.softlanding.com The Software Management Experts Agenda SOX : Opportunity or Burden? IT Control Framework Software Tools –Change Management –Testing –Security Q & A

3 www.softlanding.com The Software Management Experts Opportunity or Burden? The Sarbanes - Oxley Act of 2002

4 www.softlanding.com The Software Management Experts An Annual Event Title IV Sect 404 - Each annual report must include an “internal control report” –The CEO/CFO are responsible for an adequate internal control system –Must identify internal control framework used –A certified assessment by the CEO/CFO of the control’s effectiveness –An external auditor must also attest to the accuracy of these assertions

5 www.softlanding.com The Software Management Experts COBIT (Control Objectives for IT) COBIT - IT Governance Maturity Model 0. Non-Existent 1. Initial / Ad Hoc 2. Repeatable but Intuitive 3. Defined Process 4. Managed and Measurable 5. Optimized

6 www.softlanding.com The Software Management Experts Where Do I Begin?

7 www.softlanding.com The Software Management Experts COBIT, How Software Products Apply

8 www.softlanding.com The Software Management Experts 300+ specific COBIT objectives Of those, 164 pertain to SOX Of those, 64 can be met with SoftLanding tools COBIT and SOX

9 www.softlanding.com The Software Management Experts For instance… Job Change and Termination (P07.8) –Management should ensure that appropriate and timely actions are taken regarding job changes and terminations so that internal controls and security are not impaired by such occurrences. Software tools do not apply

10 www.softlanding.com The Software Management Experts However… System Software Change Controls (A13.6) –Procedures should be implemented to ensure that system software changes are controlled in line with the organization’s change management procedures. Change Management tools directly apply

11 www.softlanding.com The Software Management Experts SLS Tools and COBIT Objectives

12 www.softlanding.com The Software Management Experts TurnOver Change Management

13 www.softlanding.com The Software Management Experts Reports

14 www.softlanding.com The Software Management Experts Auditing Specific Changes Easy to audit full lifecycle –Initial request –Task approval –Development work –Testing results –Change approvals –How & when changes went live All from a single iSeries database

15 www.softlanding.com The Software Management Experts TurnOver Change Management Repeatable process plus: Approval enforcement Authorities by application & development level Change history Standardized controls

16 www.softlanding.com The Software Management Experts TurnOver Workflow COBIT Section A14 – Develop & Maintain Procedures

17 www.softlanding.com The Software Management Experts Issue Tracking COBIT Section DS10 – Manage Problems and Incidents

18 www.softlanding.com The Software Management Experts Issue Tracking

19 www.softlanding.com The Software Management Experts Issue Tracking

20 www.softlanding.com The Software Management Experts Project Management COBIT Section PO10 – Manage Projects

21 www.softlanding.com The Software Management Experts Project Management Repeatable workflow & authorities: Save time Increase control Improve predictability

22 www.softlanding.com The Software Management Experts Project Management

23 www.softlanding.com The Software Management Experts Project Management

24 www.softlanding.com The Software Management Experts Development COBIT Sections A16 & DS9 – Manage Changes – Manage the Configuration

25 www.softlanding.com The Software Management Experts Development

26 www.softlanding.com The Software Management Experts Development

27 www.softlanding.com The Software Management Experts Development

28 www.softlanding.com The Software Management Experts Development TurnOver provides for: Object stamping and versioning Emergency changes –Pre-established criteria –Done within the system Audit trail of all program changes

29 www.softlanding.com The Software Management Experts Test & Deploy C OBIT Section A15 – Install & Accredit System

30 www.softlanding.com The Software Management Experts Test & Deploy TurnOver will: Create/maintain test environments Facilitate communication between dev, QA, users & project managers Enforce approval procedures Provide audit trail

31 www.softlanding.com The Software Management Experts Test & Deploy

32 www.softlanding.com The Software Management Experts Production C OBIT Objectives A15.12 & A16.8 – Promotion to Production – Distribution of Software

33 www.softlanding.com The Software Management Experts Production

34 www.softlanding.com The Software Management Experts Production

35 www.softlanding.com The Software Management Experts Summary

36 www.softlanding.com The Software Management Experts Testing Tools and COBIT Objectives

37 www.softlanding.com The Software Management Experts TestBench COBIT Sections A15 and PO10 - Install/Accredit Systems - Manage Projects

38 www.softlanding.com The Software Management Experts TestBench COBIT Objective A15.7 – Testing of Changes COBIT Objective A15.11 – Operational Test

39 www.softlanding.com The Software Management Experts TestBench COBIT Objectives: A12.15, A13.4, A15.6, 15.8 PO10.8-9, PO10.11

40 www.softlanding.com The Software Management Experts TestBench COBIT Objective A15.9 – Final Acceptance Test

41 www.softlanding.com The Software Management Experts SLS Tools and COBIT Objectives

42 www.softlanding.com The Software Management Experts Security Tools COBIT Section DS5 – Ensure Systems Security

43 www.softlanding.com The Software Management Experts PowerLock NetworkSecurity Covers COBIT Objectives: DS5.2, DS5.3, DS5.7, DS5.10 and DS5.11

44 www.softlanding.com The Software Management Experts Covers COBIT Objectives: DS5.1, DS5.2, DS5.4, DS5.5, DS5.9, DS5.10 PowerLock SecurityAudit

45 www.softlanding.com The Software Management Experts VISUAL Security Covers COBIT Objectives: DS5.6, DS5.7, DS5.10 and DS5.11

46 www.softlanding.com The Software Management Experts SoftMenu Covers COBIT Objectives: DS5.3, DS5.4, DS5.5 and DS5.9

47 www.softlanding.com The Software Management Experts Experience Counts "TurnOver and SoftMenu played a big part in our preparations for Sarbanes-Oxley compliance. They're always very strong during audits – they're never challenged." — Jerry Bell Director of Systems Development Oshkosh B'Gosh Inc.

48 www.softlanding.com The Software Management Experts Thank You! Contact SoftLanding to discuss how our products can help you achieve SOX compliance faster: (800) 545-9485 or (603) 924-8818 Email lauriel@softlanding.com: For questions related to this Presentation SoftLanding SOX Resources Page: www.softlanding.com/sox

Download ppt "Www.softlanding.com The Software Management Experts How to Achieve SOX Compliance Faster Presented by Laurie LeBlanc SoftLanding Systems."

Similar presentations

Enhanced XA Security CISTECH Security Solutions Belinda Daub, Senior Consultant Technical Services 704-814-0004.

Enhanced XA Security CISTECH Security Solutions Belinda Daub, Senior Consultant Technical Services
IT Web Application Audit Principles Presented by: James Ritchie, CISA, CISSP….

IT Web Application Audit Principles Presented by: James Ritchie, CISA, CISSP….
USG INFORMATION SECURITY PROGRAM AUDIT: ACHIEVING SUCCESSFUL AUDIT OUTCOMES Cara King Senior IT Auditor, OIAC.

USG INFORMATION SECURITY PROGRAM AUDIT: ACHIEVING SUCCESSFUL AUDIT OUTCOMES Cara King Senior IT Auditor, OIAC.
CIP Cyber Security – Security Management Controls

CIP Cyber Security – Security Management Controls
Sarbanes-Oxley Act of 2002 UAA – ACCT 316 – Fall 2003 Accounting Information Systems Dr. Fred Barbee.

Sarbanes-Oxley Act of 2002 UAA – ACCT 316 – Fall 2003 Accounting Information Systems Dr. Fred Barbee.
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Control and Accounting Information Systems

Control and Accounting Information Systems
GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM GRC SUMMIT.

GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM GRC SUMMIT.
ACG 6415 SPRING 2012 KRISTIN DONOVAN & BETH WILDMAN IT Security Frameworks.

ACG 6415 SPRING 2012 KRISTIN DONOVAN & BETH WILDMAN IT Security Frameworks.
Finance at Microsoft.

Finance at Microsoft.
Validata Release Coordinator Accelerated application delivery through automated end-to-end release management.

Validata Release Coordinator Accelerated application delivery through automated end-to-end release management.
ICAO Provisions for Safety Management

ICAO Provisions for Safety Management
TI BISNIS ITG using COBIT &

TI BISNIS ITG using COBIT &
COBIT - II.

COBIT - II.
IT Governance Capability Maturity within Government

IT Governance Capability Maturity within Government
Chapter 5 5-1 © 2009 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2009 Pearson Education, Inc. Publishing as Prentice Hall.
Chapter 5 5-1 © 2009 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2009 Pearson Education, Inc. Publishing as Prentice Hall.
Dr. Julian Lo Consulting Director ITIL v3 Expert

Dr. Julian Lo Consulting Director ITIL v3 Expert
1 Archive Access Audit Keys to Effective Compliance Lifecycle Management.

1 Archive Access Audit Keys to Effective Compliance Lifecycle Management.
Sarbanes-Oxley Compliance Process Automation

Sarbanes-Oxley Compliance Process Automation

Similar presentations

Ads by Google