This memo captures details for SOX IT testing, including objectives, project scope, transaction types, key risks, coordination with specialists, and IT audit decisions.
The purpose of this engagement is to assist companies with achieving compliance with SOX requirements for internal controls over their IT processes. These processes are related to accurate financial measurement and reporting. This includes evaluating the design and testing the operational effectiveness of IT general controls (ITGCs) and IT entity-level controls (IT-ELCs). Operational effectiveness testing was performed on all controls that are “key” based on client management’s assessment.