The new standards of accountability for auditors and corporate board was established by the Sarbanes-Oxley Act of 2002. SOX is the result of several large corporate scandals. Investors in these corporate scandals lost billions of dollars. Therefore, strict methodologies needed to be established to ensure future investors that the accounting industry can operate and produce quality and reliable results. The SEC requires all publically traded companies to submit annual report internal accounting controls. SOX is also known for its financial disclosures and corporate governance. Provisions of SOX details the criminal and civil penalties for not being compliant. Being SOX compliant includes, Control for Information and Related Technology,
…show more content…
There is no element in the SDLC that is more important than the testing system. None of the phases are carped more than the testing of being carried out at a substandard level. In most cases, IT and management try to reduce the project’s cost through reducing testing. Phase seven is the implementation of SDLC. In this phase the system needs to ready for implementation. But before this can be done the user acceptance must sign off. This requires documentation which includes the user acceptance report (Aras & Ciaramitaro, 2008). System Maintenance is the last phase. IT experts and IT auditors have an 80% awareness of time spent and cost spent on the system software, over the life cycle after …show more content…
Processing a system development can be controlled very loosely, hence making it hard to mitigate these risk but, the proper use of methodology can lessen the mitigation. For example, if the development team create an application system under an inappropriate methodology, then the application may be useless the user, this would be a significant risk at the time of systems development (Dattero & Gallup, 2007). Methodologies also requires the attention of an IS auditors’ to acknowledge the existence of a documented methodology. This is why an IT dependent operating environment offers suitable documentation for each phase of system development processed. However, IS auditors may need to take into account the existence of methodology to make sure the compliance with Capability Maturity Model Integration standards or to the International Standardization standards (Dattero & Gallup, 2007). Lastly, methodologies are critical element that should be consider for IS auditors, as the system development matures more IS auditors will be using this practices. Which means more mature practices system development can facilitate the SOX
There is no element in the SDLC that is more important than the testing system. None of the phases are carped more than the testing of being carried out at a substandard level. In most cases, IT and management try to reduce the project’s cost through reducing testing. Phase seven is the implementation of SDLC. In this phase the system needs to ready for implementation. But before this can be done the user acceptance must sign off. This requires documentation which includes the user acceptance report (Aras & Ciaramitaro, 2008). System Maintenance is the last phase. IT experts and IT auditors have an 80% awareness of time spent and cost spent on the system software, over the life cycle after …show more content…
Processing a system development can be controlled very loosely, hence making it hard to mitigate these risk but, the proper use of methodology can lessen the mitigation. For example, if the development team create an application system under an inappropriate methodology, then the application may be useless the user, this would be a significant risk at the time of systems development (Dattero & Gallup, 2007). Methodologies also requires the attention of an IS auditors’ to acknowledge the existence of a documented methodology. This is why an IT dependent operating environment offers suitable documentation for each phase of system development processed. However, IS auditors may need to take into account the existence of methodology to make sure the compliance with Capability Maturity Model Integration standards or to the International Standardization standards (Dattero & Gallup, 2007). Lastly, methodologies are critical element that should be consider for IS auditors, as the system development matures more IS auditors will be using this practices. Which means more mature practices system development can facilitate the SOX