polito.it
Politecnico di Torino (logo)

The impact of the Sarbanes-Oxley Act in IT Audit. Case Study: An Information System Audit project for an international company

Filippo Ferraro

The impact of the Sarbanes-Oxley Act in IT Audit. Case Study: An Information System Audit project for an international company.

Rel. Elisa Ughetto. Politecnico di Torino, Corso di laurea magistrale in Ingegneria Gestionale (Engineering And Management), 2021

Abstract:

The SOX is a US federal law, enacted in 2002 in response to some of the biggest financial scandals of all time. This law, aimed at protecting investors, imposed important changes regarding the audit activities for companies listed on the American stock exchanges. Among all the sections of the law, the Article 404 significantly affected the IT audit. This article requires the management of a corporation to establish and maintain a structure of internal controls to safeguard the accuracy of the financial information stated in the financial statement. External auditors are required to perform an annual assessment of internal controls in order to evaluate their effectiveness. In this context, the role of the IT auditor has become increasingly important over the last twenty years. Through automatic and/or semi-automatic operations, a large part of transactions and accounting data are now managed and processed in modern business application systems, around which it is required to setup controls aimed at moderating the risk of significant errors or fraud attempts. The thesis will explore the frameworks and methodology used by modern auditing firms to assess the effectiveness of internal controls and ensure compliance with SOX Section 404. Finally, through documents and data obtained from a real IT Audit project, the paper presents a case study on a International company subjected to SOX regulation.

Relators: Elisa Ughetto
Academic year: 2020/21
Publication type: Electronic
Number of Pages: 111
Additional Information: Tesi secretata. Fulltext non presente
Subjects:
Corso di laurea: Corso di laurea magistrale in Ingegneria Gestionale (Engineering And Management)
Classe di laurea: New organization > Master science > LM-31 - MANAGEMENT ENGINEERING
Aziende collaboratrici: EY Advisory S.p.a.
URI: http://webthesis.biblio.polito.it/id/eprint/17660
Modify record (reserved for operators) Modify record (reserved for operators)