polito.it
Politecnico di Torino (logo)

The impact of the Sarbanes-Oxley Act in IT Audit. Case Study: An Information System Audit project for an international company

Filippo Ferraro

The impact of the Sarbanes-Oxley Act in IT Audit. Case Study: An Information System Audit project for an international company.

Rel. Elisa Ughetto. Politecnico di Torino, Corso di laurea magistrale in Ingegneria Gestionale (Engineering And Management), 2021

Abstract:

The SOX is a US federal law, enacted in 2002 in response to some of the biggest financial scandals of all time. This law, aimed at protecting investors, imposed important changes regarding the audit activities for companies listed on the American stock exchanges. Among all the sections of the law, the Article 404 significantly affected the IT audit. This article requires the management of a corporation to establish and maintain a structure of internal controls to safeguard the accuracy of the financial information stated in the financial statement. External auditors are required to perform an annual assessment of internal controls in order to evaluate their effectiveness. In this context, the role of the IT auditor has become increasingly important over the last twenty years. Through automatic and/or semi-automatic operations, a large part of transactions and accounting data are now managed and processed in modern business application systems, around which it is required to setup controls aimed at moderating the risk of significant errors or fraud attempts. The thesis will explore the frameworks and methodology used by modern auditing firms to assess the effectiveness of internal controls and ensure compliance with SOX Section 404. Finally, through documents and data obtained from a real IT Audit project, the paper presents a case study on a International company subjected to SOX regulation.

Relatori: Elisa Ughetto
Anno accademico: 2020/21
Tipo di pubblicazione: Elettronica
Numero di pagine: 111
Informazioni aggiuntive: Tesi secretata. Fulltext non presente
Soggetti:
Corso di laurea: Corso di laurea magistrale in Ingegneria Gestionale (Engineering And Management)
Classe di laurea: Nuovo ordinamento > Laurea magistrale > LM-31 - INGEGNERIA GESTIONALE
Aziende collaboratrici: EY Advisory S.p.a.
URI: http://webthesis.biblio.polito.it/id/eprint/17660
Modifica (riservato agli operatori) Modifica (riservato agli operatori)