:: Home >> IT Consulting >> Legal Compliance >> Sarbanes-Oxley Compliance >> SOX Implementation Survey

Sarbanes-Oxley Implementation Survey

1. Is your Company currently conducting a Sarbanes Oxley project, and is an individual acting as the primary Sarbanes Oxley (SOX) project management capacity?

Yes No

 

1a. If yes, please explain (project leader, co-project leader, etc.):

1b. If no, do individuals within your company have specific SOX project responsibilities (check all that apply)?

Risk assessment coordination, facilitation and analysis

Operational self-assessment coordination, facilitation and analysis

Documenting processes

Testing

Remediation of gaps

Other (please explain):

 

2. What is the allocation of total internal staff time to SOX work? (if you indicated 100% you are basically saying your staff is working full time on SOX and 0% time on annual audit plan work).

3. Are you using a tool for SOX compliance work (please check all that apply)?

Risk Control Tracking System - D&T

Risk Navigator - Paisley

SarBox Portal - Protiviti

Internal Control Workbench - PwC

Virtual Commitment - JeffersonWells

Ecora – audit software

Unipress – Footprints Change Management software

Other, please specify:

 

4. At what stage of the process are you?

Assessment

Documentation

Testing

Remediation

Complete compliance

A combination of the above, please explain:

 

5. Is IA involved in the process of remediation of identified gaps in controls?

Yes No

 

6. What is the process used to identify gaps?

7. Have gaps primarily been of a certain type?

No gaps identified

Segregation of duties

Formal review and approvals

Lack of process control related documentation

Other (please explain):

 

8. What is the role of your external auditor in the process?

None until the external audit is performed

Counselor and advisor during the process

Providing repository tools and facilitating throughout the compliance process

Other (please explain):

 

9. Are you co-sourcing the SOX compliance process with a third party?

Yes, please explain primary reason for engaging a third party:

No

 

10. Is your audit committee receiving updates regarding the status of your SOX implementation?

Yes

No

 

11. Have you outlined the processes that need remediation within IT for SOX compliance?

Yes

No

 

12. Will you be outsourcing any of the IT remediation for SOX compliance?

Yes

No

 

13. Have you selected the appropriate tools for SOX controls and Testing of IT processes?

Yes

No

 

13a. If so, what tools have you selected for the SOX controls and Testing?

14. What are the three most significant challenges your organization is facing with the SOX implementation process?

15. Additional comments about this topic or survey:

DEMOGRAPHIC INFORMATION:

Country:

Select Country Afghanistan Albania Algeria American Samoa Andorra Angola Anguilla Antarctica Antigua Argentina Armenia Aruba Australia Austria Azerbaijan Bahamas Bahrain Bangladesh Barbados Belarus Belgium Belize Benin Bermuda Bhutan Bolivia Bosnia-Herzegovina Botswana Bouvet Island Brazil Brit Ind Ocean Territory Brunei Darussalm Bulgaria Burkina Faso Burma Burundi Cambodia Cameroon Canada Canary Islands Cape Verde Cayman Islands Central African Rep. Chad Chile China Christmas Islands Cocos Islands Colombia Comoros Congo Cook Islands Costa Rica Croatia Cuba Cyprus Czech Republic Dem Rep. of Korea Denmark Djibouti Dominica Dominican Republic East Timor Ecuador Egypt El Salvador Equatorial Guinea Eritrea Estonia Ethiopia Falkland Islands Faroe Islands Fiji Finland France France Metropolitan French Guiana French Polynesia French So. Territories F.Y.R. Macedonia Gabon Gambia Georgia Germany Ghana Gibraltar Greece Greenland Grenada Guadaloupe Guam Guatemala Guinea Guinea Bissau Guyana Haiti Heard McDonald Island Honduras Hong Kong Hungary Iceland India Indonesia Iran Iraq Ireland Israel Italy Ivory Coast Jamaica Japan Jordan Kazakhstan Kenya Kiribati Korea (South Korea) Kuwait Kyrgyzstan Laos Latvia Lebanon Lesotho Liberia Libya Liechtenstein Lithuania Luxembourg Macau Madagascar Malawi Malaysia Maldives Mali Malta Mariana Islands Marshall Islands Martinique Mauritania Mauritius Mayotte Mexico Micronesia Moldova Monaco Mongolia Montserrat Morocco Mozambique Myanmar Namibia Nauru Nepal Netherland Antilles Netherlands New Caledonia New Zealand Nicaragua Niger Nigeria Niue Island Norfolk Island Northern Mariana Island Norway Oman Pacific Islands Pakistan Palau Panama Papua New Guinea Paraguay Peru Philippines Pitcairn Poland Portugal Puerto Rico Qatar Republic of Korea Reunion Romania Russian Federation Rwanda S Georgia & Sandwich Saint Pierre & Miquelon Samoa San Marino Sao Tome and Principe Saudi Arabia Senegal Seychelles Sierre Leone Singapore Slovakia Slovenia Solomon Islands Somali Republic South Africa South Korea Spain Sri Lanka St. Helena St. Kitts-Nevis St. Lucia St. Vincent/Grenadines Sudan Suriname Svalbard & Jan Mayen Swaziland Sweden Switzerland Syrian Arab Republic Taiwan Tajikistan Tanzania Thailand Tokelau Tonga Trinidad & Tobago Tunisia Turkey Turkmenistan Turks & Caicos Tuvalu United States Uganda Ukraine United Arab Emirates United Kingdom Uruguay US Minor Outlying Is. Uzbekistan Vanuatu Vatican City State Venezuela Vietnam Virgin Islands: British Virgin Islands: US Wallis & Futuna Islands Western Sahara Western Samoa Yemen Yugoslavia Zaire Zambia Zimbabwe

Number of employees:

Select Number Under 500 501 to 1,000 1,001 to 2,500 2,501 to 5,000 5,001 to 10,000 10,001 to 25,000 25,001 to 50,000 Over 50,000  

Industry:

Select Industry Aerospace, Defense Agriculture, Construction, Mining Banking Chemical, Drug Computer High Technology Consumer Products Educational Institutions Finance, Real Estate Insurance Government Health Care Manufacturing Petroleum Services Telecommunications Transportation Communications Utilities Retail, Wholesale Nonprofit Other  

Annual revenue:

Select Revenue a. Under $500 million b. $500 million to $1 billion c. $1 billion to $5 billion d. $5 billion to $10 billion e. $10 billion to $20 billion f. $20 billion to $50 billion g. Over $50 billion  

Number of employees in internal audit:

Select Number 1 to 5 6 to 10 11 to 20 21 to 30 31 to 50 51 to 75 76 to 100 101 to 200 201 to 350 351 to 700 700 or more  

CONTACT INFORMATION: