SOX IT Audit




We provide high-quality deliverables to help management support its assertions over IT controls. Through our risk-based methodology, we help you narrow the overall scope of work and refine the testing approach so that is sufficient but not excessive or unnecessary.

As part of our SOX IT Audit Services we can help you evaluate IT entity-level controls, general and application controls as well as, end-user computing.  Our goal is to help management streamline the IT audit so that the process is more efficient, meets the SOX requirements and is cost-effective.  Through our SOX IT Audit services we can perform the following tasks:

Documentation – Identify key controls and document or update of narratives and control matrices.  

Testing – Use appropriate audit strategies to evaluate key controls.  Perform walkthroughs (test of design) and/or sample testing (test of effectiveness). Identify and communicate deficiencies and recommendations.

Project Management – Design and document overall compliance strategy related to the IT environment, including scope management, timing, resource assignment, conflict resolution, managing deficiencies and resolution, and reporting related to the IT controls (e.g., general and application controls).  

Continuous Audit and Monitoring Strategies – Assist clients with the configuration and reporting requirements to implement an effective continuous auditing process.