Independent testing of IT general controls and automated application controls supporting the integrity of financial reporting under the Sarbanes-Oxley Act.
The Sarbanes-Oxley Act requires listed companies to maintain effective internal controls over financial reporting (ICFR). The IT controls that underpin financial systems — access management, change management, computer operations, and program development — are critical to this assurance.
Simbix provides specialist SOX IT audit services, testing the design and operating effectiveness of IT general controls (ITGCs) and key automated application controls across your financial reporting systems. Our work directly supports external audit reliance and management certification under Section 404.
Testing of logical access controls, user provisioning and de-provisioning, privileged access reviews, and segregation of duties across in-scope financial applications.
Audit of change request, approval, testing, and deployment controls for systems within the financial reporting control environment.
Review of batch processing, job scheduling, backup and recovery procedures, and incident management for financially significant systems.
