Wednesday, July 12, 2006
Risk-Based SoD Management with Continuous Monitoring Lowers Compliance Costs
Like controls documentation and access provisioning in previous years, segregation of duties management is part of this year's initiative for auditors and their review of your internal controls.
Unfortunately, this can escalate the already excessive costs of Sarbanes-Oxley compliance if companies continue to manage and test their internal controls like they have in the first years under Section 404 of the Enron-inspired law. Segregation of duties in the real world demands top-down management that eliminates financial risk without adding overhead costs.
This article highlights the challenges to managing segregation of duties, builds a case for risk-based SoD management, and discusses technology solutions for continuous monitoring that deliver affordable and effective SOX compliance.
posted by Brian Moran @ 3:04 PM