SOX IT Controls Testing
I'm doing a little digging to determine feasibility of using Archer for SOX control testing. We currently have IT, Finance and CE controls documented and maintained in Archer. We also use Archer to facilitate the remediation processes for deficiencies. However we still do testing outside of Archer.
Is anyone using Archer to facilitate the testing of IT General controls? Would you be willing to share your experiences and at a high level what your processes are and roles and responsibilities? Also, if you are using Archer for testing, how are you providing your 3rd party audit partners with the information they require?
- Community Thread
- Forum Thread
- RSA Archer
- RSA Archer Suite
We are using Archer for our SOX Testing and Program management, happy to facilitate a call with you.
PM me and we can arrange a day and time.
Neil Barlow – Head of Information Security GRC
IntercontinentalExchange | NYSE