Client wants to change the definition of how they put systems in scope for SOX and get creative on how to keep systems out of scope for ITGC. Any ideas on how to do this or other definitions that fly?

Posting as :
works at
You are currently posting as works at

IT dependencies...

like

Materiality?

like

Oftentimes we have been able to identify business controls to keep some systems out of scope.

like

Reduce scope of ITGCs on systems like SAP BW or report writers (e.g. access management is less relevant but change management over integrity of reports is still key) - this can often lighten the load quite a bit.

like

Risk-based

like

Be more granular and consider each control’s relevance for each system.

like

Incorporate new CLCs or ELCs, address risk elsewhere

Why would you want to?

Common controls would apply. But talked about that already lol

like

Related Posts

I was interviewed by one of the Clients of UST and at the last moment I got an offer from UST Bangalore & would be deployed to client location in Bangalore.

How is the experience with such setup at ust

Hello fishes, wanted to get opinions on JP Morgan Vs Barclays for wlb, job security, project technology?
YOE - 5.3
Skills - Java, Angular

Hi Fishes,

Do these 2 points in the JD allude to modelling requirements?

• Prepare transaction specific and marketing materials (teasers, information memorandum, pitch books, corporate profiles, and industry data and analyses)

• Perform in-depth company and industry research supporting specific client engagements and marketing opportunities

like

Seeking UX CD with global systems design experience!

Hi all,

I’m a GCD (not a recruiter) trying to build an elite team for what I consider a very interesting, complex, and challenging project.

like

Can someone here guide me on how to get a project as a freelancer subcontractor with a T2/MBB?

like

Hi Experts,
One of my frnd put his resign in TCS on 20Sept21 but he want early release i.e. on 10th Oct. But HR said as you are critical resource so project has not approved your early release and you need to serve complete notice period. Any consequences he will face if he left on 10th oct??
When he can expect his relieving/Servuce letter in such case.
Also will he face any negative legal action if he abscond after 10th and If he join another conpany will it be legally wrong for him?

I have not been on a project for over 3 months. Since I joined, I have been put in training. The training got extended by a month and now it's close to 4 months since I joined and without a project.

What should I do? People say that I'm lucky to get paid without doing any work, but it is stressing me out. I need the experience. The uncertainty is freaking me out, with rumours of layoffs and the certification program and all.

How do I get into a project? How long do I have to wait more?

today I taught the client to paste column width. I have so much value to add☺️

like

Hi folks any idea about EY for client airtel payment bank. Total experience 3.6 skill automation testing

like

Program/Project Managers here, what are your compensations like?

I'm at 180k TC, 9YoE overall and 1 year as PM.

I landed my first job in tech as an IT Analyst. I want to be a Project Manager, do you think it’ll be hard to make a transition to Project Management.

like

Hi everyone, I am looking for a remote project Management opportunity , I have 8 years experience in technical and non technical project management and live in Kingston, Jamaica.

like

Would anyone like to share anything interesting about a recent project they’ve gotten to work on?

like

Tata Consultancy HCL Technologies

Can anyone pls confirm what's the appx offer for a technical project manager in HCL for 13 years exp? I'm looking somewhere close to 27LPA but want to check what's the going market price. Thanks in advance.

like

Has any one ever successfully had a big 4 firm allow you to work a fixed 9-5 schedule (no overtime etc) and have it work successfully in client service? Like legit laptop closes for the day and your done.

funny

Is anyone here running In-Stream Reserve video ads on Facebook? In-stream *auction* has been a top performer for us, and our Meta reps are pushing the client to commit $ to ISR bc “it’s premium inventory with locked in CPMs!” But it’s also managed service (ugh), which means an IO and no ability for our team to hands-on manage the campaign (what if something goes wrong? Our reps are hard enough to get a hold of in the best of times). Would love to hear from anyone who has tested it!

like

Hello! I am a Technical Sourcer/Recruiter at a reputable FinTech company. I would like to transition into Project Coordination/Management within the tech space. Any tips for the transition? Recruiters: I am open to entry level & contract roles to gain experience! Thanks in advance for the assist!

What can i expect in welcome kit at Analyst level 11 Salesforce in Accenture, I have 1 yr exp im already working on project, its not even been a week since my joining

like

Where is the project management salary document? I can’t find it pinned. Please and thank you

likehelpful

Hi All,
i need one suggestion.
I have two offer one with
Virtusa-13.63lpa Fix Total-15.00lpa
Exl service-13.5lpa Fix Total-15.22lpa
Tsystem offer i have they can revised upto 15lpa.
YOE-2Year
Which one should i go for?
virtusa Client is HSBS, does anyone have nay idea about HSBC Client.
please help asap my joining with this company is tommorrow.
Thanks in advance

like

More Posts

Any tips of resources to help prep for interviews? I have an interview coming up that has business cases that will test statistics concepts and also general data sense (approaches, defining KPIs, etc).

like
like

How does everyone feel about a walk at the park for a first date?

likeupliftingsmart

Hi Fishes,

Can anyone of you please tell me what would be the hierarchy level for a person joining in
JPMorgan Chase with 5+ YOE?

What should be the naming convention of design for a person with this experience?
Analyst or Associate or Senior Analyst or Senior Associate?

Any leads would be highly appreciated.

TIA

like

Parents keep asking how many holidays I have and saying “well you won’t be able to use many” you’ll only come home X number of times, then you’ll have lots of holidays left, what will you do with them. And keep asking when are you coming home, when I saw them 1 month ago. If I use my holidays to do something with friends or something on my own, they say “oh you don’t want to see us, you could use those holidays to come visit us, but you don’t care about family” I’m just exhausted, how do I deal?

like

Any good cos providing perman remote option ?

Hi Everyone, my YOE is 14 on VMware Products as an Administrative/Consultant/Architect...i have created an Express Entry profile for Canada , still no luck with interviews via Job Bank , LinkedIn and Indeed. I have opted to pay a VISA services firm for marketing my resume and apply for me. Was this a good option ?

Anyone know of IT Security jobs specializing in NIST and/or FISMA that are hiring?

Accenture Strategy comp at consultant level?

like

Would a DUI during law school pose a problem two years later on a background check with either JL or Littler (I got through character and fitness with it during bar app. time) ?

I will be in Charleston for half a day to travel/ explore/ tour but I have a full hand carry. Where can I store it? There no bag storage at the airport. I am flying in around 10am and flying out around 7pm. Thanks

like

Hi floks,

I have around 7 years of experience of which -
Yoe - 4 yrs in FDD practice and 3 years in audit practice in big 4s. By qualification, I am CA and CPA.
I am looking to explore job opportunity in United States and want to understand the opportunities and how likely it is that I will get visa sponsorship from my current or any potential employer.

Any inputs or suggestions, will be appreciated. Thanks.

like

So it seems like (almost overnight) everyone became a stock trader. I’m curious 1) how many people actually trade, and 2) how many people unironically follow WSB for advice

like

Are there any methods you have to saving money on office supplies?

like

How is Mitratech? Please suggest job security and growth perspective specially!

like

IT Audit staff position available in Denver. DM me if interested

like

Tips for when an interviewer asks for references?

like

Does your health insurance cover massages? If so, how do you go about getting them? Do you need a referral from your dr?

like

Hey, any idea on the pay that Deloitte offers to AM Level 2 and 3 into Audit (FS) side ?

like

Additional Posts in Risk Assurance

Excuse my naivety, but can someone explain to me what exactly risk assurance is? Like advisory or audit? And job responsibilities? It seems like every firm defines/calls risk assurance differently

like

Thoughts on EY risk advisory?

like

I have a call later today to discuss salary expectations for a Senior Manager IT Audit role at a bank in the NYC area. I have about 10 yoe at a Big4 and currently make about $160 k salary only not including bonus. What is a fair range to ask for without undervaluing myself or pricing myself out of the role?

like

What makes more money IT Audit or IT GRC?

like

Hi folks, what should the salary for an someone with 3+ years on tech risk be in Canada?

likefunny

How have you used Data Analytics in your work?

like

What are your technical skills? (Interview Question).

like

What are the odds of transitioning from a Senior in IT risk to a transformation role? Really interested in getting to know that service line a bit better to see if it’s a good fit

like

Anyone looking for a referral to join RSM? Hiring for Experience Associate, Senior Associate, Supervisor, Manager, and Director for multiple location. PM me if you interested.

funnylike

Do Tech Risk Soley test ITGCs? What does your day consist of testing application controls?

like

Left PwC as an experienced associate and currently in industry doing staff accountant work. Now I’m thinking about going back to Risk Assurance. How dumb am I?

like

PwC vs. Deloitte Internal Audit. Pay, type of work, overall strength of a practice? I’m thinking to join Deloitte IA practice, but wondering if it’s the same as PwC. I understand that...(cont.)

like

I’m thinking about moving from BDO assurance (staff1) to PWC IT Audit, and am in the final talks of pay, etc. I’m going be staff 2 shortly.....cont.

likehelpful

Are there any jobs that are fully remote/allow for ease of living anywhere?

like

If you could do it again, what would you have chosen instead of Risk Assurance?

funnylike

Can anyone provide insight into working at Protiviti in IT audit? Is there truly a work life balance or is it just like B4 hours?

like