Applying Thought Wipro Technologies
About Wipro Newsroom Investors Careers Contact Us
  IT Services Product Engineering Solutions Technology Infrastructure Services Business Process Outsourcing Consulting Services
TECHNOLOGY INFRASTRUCTURE SERVICES (TIS)
About TIS
 Business Service Management
HomebulletBSMbulletCompliance and Best Practices bullet Sarbanes-Oxley

Sarbanes-OxleyThe Sarbanes-Oxley Act of 2002 will have a significant impact on IT organizations. In accordance with Sarbanes-Oxley (Sarbox), executives must attest to the adequacy and effectiveness of their internal controls, including IT controls. Therefore, IT controls will be externally audited, and a statement of control verified by the audit must now appear in annual reports filed with the Securities and Exchange Commission (SEC).

Companies must identify their significant financial accounts, the business processes that support those financial accounts, and the applications and IT systems that support those business processes. Then they must document and test controls at the financial process level, the application level, and the IT infrastructure level.

Although Sarbox does not mandate automated systems-based controls, such controls may ease the compliance process. Auditors will be looking not only for process consistency, but also for the consistent use of controls over those processes. For this reason, auditors may be more critical of manual or paper-based processes in large or distributed organizations. In many cases, using software solutions, such as those from BMC Software, is the best way to implement consistent controls. Because, in general, auditors will not probe as hard when they see that applications are consistently being utilized, you can help to accelerate the audit process by automating your IT processes.

Mapping to IT Controls
As part of the preparation for a Sarbox IT audit, an IT control framework must be identified. COBIT, an IT control framework recognized by the audit community, provides a comprehensive set of control objectives that an auditor may follow point-by-point during an audit.

To support Sarbox, the IT Governance Institute has released an adaptation of COBIT that specifies different process areas that an IT auditor may assess in the context of a Sarbanes-Oxley IT audit.

To understand which of these must be demonstrated to pass the audit, consult with your company's auditor. In addition, as you prepare for your Sarbox audit, consider how software solutions can help to support the following COBIT control objectives:

COBIT Process

Technology

A12

Acquire and implement application software
Design, acquire or build, and deploy systems that support financial processes.

  • Remedy Change Management
  • Remedy Asset Management
  • PATROL®
A13

Acquire and implement technology infrastructure
Design, acquire or build, and deploy systems that support applications and communications.

  • Remedy Change Management
  • Remedy Asset Management
A16

Manage Changes
Address how your organization modifies system functionality to ensure control and integrity of financial accounts

  • Remedy Change Management
  • Performance Assurance
DS1

Define & Manage Service Levels
Address how your organization meets the functional and operational expectations needed to support financial processes

  • Remedy Service Level Agreements
  • Service Level Management Solutions from BMC Software
  • Performance Assurance
DS3

Manage performance and capacity
Maintain complete and accurate data. They also allow an organization to trace back transactions to source information to support their validity.

  • BMC Service Impact Manager
  • SmartDBA™
  • Performance Assurance
DS4

Ensure continuous service
Manage continuous service, including controls to manage various disaster scenarios, from backup and recovery to full business continuity, to ensure the ability to produce financial statements in a timely manner.

  • BMC Service Impact Manager
  • SmartDBA™
  • Performance Assurance
DS9

Manage the Configuration
Ensure that security, availability, and processing integrity controls are set up in the system and maintained through an asset's life cycle.

  • Remedy Asset Management
  • Control SA®
  • SmartDBA™
DS10

Manage Problems & Incidents
Document how your organization responds to system failures and maintain reliable application systems in support of financial business systems.

  • Remedy Help Desk
  • Remedy Change Management
  • PATROL®
DS11

Manage data
Manage data to include controls and procedures to support information integrity, including its completeness, accuracy, authorization, and validity. Controls support initiating, recording, processing and reporting financial information to ensure reliability of financial data.

  • SmartDBA™
  • Remedy Change Management
  • PATROL®
DS13

Manage operations
Maintain reliable application systems in support of the business to initiate, record, process, and report financial information.

  • PATROL®
  • SmartDBA™
  • MAINVIEW®
M1

Monitor the Process
Monitor IT processes is to satisfy various control objective requirements.

  • Remedy Service Level Agreements
  • PATROL®
  • Remedy Flashboards®
 

Industries ServedspacerServices Offered
black
 Subscribe to our monthly Newsletter Subscribe to 'Peer Ping' our monthly newsletter

Request for InformationRequest for Information

For any queries on Wipro Technology Infrastructure services and offerings, contact us at tis.presales@wipro.com
black
TestimonialsTestimonials
black
TIS in NewsTIS in News
black
EventsEvents
black
Influencer & AnalystInfluencer & Analyst
black
Influencer & AnalystWhitepaper
black
Wipro and Infocrossing
black



IT Services | Product Engineering Solutions | Technology Infrastructure Services | Business Process Outsourcing | Consulting Services Sitemap | Disclaimer | Privacy Statement