Practical advice to help JD Edwards users prepare for SOX audits
SOX compliance audits can be a very stressful experience for IT staff. They often don’t know what the auditors will look for and find it difficult to retrieve the evidence that auditors request. JD Edwards is very complex, but knowing what to expect, good planning and appropriate preparation can help you to get through the audit successfully and efficiently.
What is the purpose of a SOX compliance audit?
The main objective of a SOX audit is to determine whether a company’s financial statements are a true reflection of its financial position and performance. It provides information for investors and other stakeholders on how well the organization adheres to accounting principles and standards.
A critical part of the audit focuses on testing the organization’s internal controls, i.e. the procedures that it puts in place to prevent operational errors and fraudulent activity.
What do auditors look for?
From an IT perspective, it’s very important to implement robust access management and Segregation of Duties controls to ensure that users’ access is appropriate to their jobs and correctly approved, according to your procedures. Auditors will test the efficacy of your controls and look for any variances or oversights.
Where do I begin?
It can feel daunting, but help is at hand! Carrie Curry, an expert in JD Edwards security and audit, has produced a 3-part webinar series designed for IT staff who need to prepare for and participate in SOX audits, especially those responsible for access-related controls or providing audit evidence. She shares insights into how your items will be reviewed and tested.
- An overview of the audit process
- Audit requests – what types of evidence will you be required to provide?
- An in-depth review of controls related to user access and provisioning in JD Edwards.
We hope you find it helpful!