Gillani's
Sarbanes-Oxley Focus
Helping you Achieve Section 404 Compliance
Today's financial reporting process is critically dependent upon IT systems comprising software applications, databases, operating systems, networks and more. Building upon an extensive background in successfully implementing ERP transaction-processing systems for over 20 years, Gillani now offers services in assessing the current state of IT control environment and designing controls necessary to meet the directives of Sarbanes-Oxley section 404. General Computing Controls (GCCs) are designed to ensure that the financial information generated from an organization’s application systems can be relied upon, and should include the following types where applicable:
- Data Center Operation
Controls
Controls such as job setup and scheduling, operator actions, and data backup
and recovery procedures
- System Software Controls
Controls over the effective acquisition, implementation and maintenance of
system software, database management, telecommunications software, security
software and utilities
- Access Security Controls
Controls that prevent inappropriate and unauthorized use of the system
- Application System
Development and Maintenance Controls
Controls over development methodology, including system design and
implementation, that outline specific phases, documentation requirements, change
management, approvals and checkpoints to control the development or maintenance
of the project.
Gillani Section 404
Compliance Services Answer the Questions...
- Is your assessment of IT control over financial reporting in compliance with
Sarbanes-Oxley
section 404?
- Are your security levels for network, software and data, adequately aligned
with your GCC
controls?
- Is there a framework for assessment of GCC controls in place?
- Are your IT processes aligned with your GCC controls?
...and Manages the Answers.