Академический Документы
Профессиональный Документы
Культура Документы
I have spent a day with my team researching the Sarbanes Oxley and the Basel ii markets, and I want to share some interesting
findings with you.
It is good to feel and understand better the demands of the marketplace. We will discuss 22 Sarbanes Oxley related Job Titles and
Descriptions, posted during the spring of 2009, in the middle of the market crisis.
I believe that you must do your own research. Don't believe me, search! Look at the compensation packages that are offered. In this
newsletter we will focus on the job desription and the tasks required.
I always enjoy reading creative and unique job titles and descriptions (example: Traffic Manager!!! at number 18). We will share some
of them.
Lets start!
Manage the company's external financial reporting processes, including periodic filings with the SEC (10Q, 10K, etc.)
Manage company-wide activities to monitor and evaluate internal controls over financial reporting (Sarbanes-Oxley)
Serve as a subject matter expert and executive advisor with respect to accounting and financial reporting/disclosure issues (GAAP,
SEC, FASB, PCAOB, etc.)
http://www.sarbanes-oxley-association.com/SOXCPA_Email_June_2009.htm 5/28/2009
Sarbanes Oxley News June 2009 Page 2 of 11
Support negotiation and review of key contracts to assure that potential accounting, reporting and tax issues are identified and
addressed early
Provide leadership in the identification, testing, and reporting on the functionality of controls identified for Sarbanes-Oxley annual
attestation(s), SAS70 certification, and ISO 27001 / 27002 certifications.
COBIT/COSO/ITIL
1. Work on internal control projects aimed at SOX compliance in the Americas; scoping, identification of monitoring controls, and
evaluating control effectiveness etc.
2. Develop relationships and regularly communicate with Business unit & infrastructure management as well as Corporate ORM on
the Sarbanes Oxley compliance efforts.
3. Participate in the global scoping exercise to identify the critical financial statement accounts and key processes in scope for the
Company, Regions and Business Units for annual SOX compliance.
4. Stay abreast of Sarbanes Oxley regulatory changes and Promote the understanding of Sarbanes Oxley as a regulation, and
communicate accountability for continuous monitoring, reporting and management of the risk (including attestations), as well as
maintenance of the control environment.
5. Complete quality assurance reviews and develop standards for the oversight of identifying / moving towards monitoring controls,
moving towards self-assessments, gap identification and remediation, etc.
6. Develop and deploy internal training on SOX as a topic, and on specific tools and activities.
Assist in ensuring that the business continues to follow a risk-driven approach to self-assessments and key risk indicators that
broaden scope beyond SOX risks and controls, while simultaneously leveraging management controls already in place.
Streamline SOX efforts in view of risks, and recent PCAOB guidance allowing Co's to move towards leveraging monitoring controls
already in place at the organization.
· 5-10 years experience of SOX audit experience either from a public accounting firm or similar major financial institution
· Proven experience assessing and developing internal control processes around SOX compliance guidelines
http://www.sarbanes-oxley-association.com/SOXCPA_Email_June_2009.htm 5/28/2009
Sarbanes Oxley News June 2009 Page 3 of 11
Sr. Director - Sarbanes Oxley (SOX) will facilitate and manage the companies worldwide SOX initiate under the direction of the VP
of Operations and Internal Controls.
b.Execute and test a control self assessment program with Tier 2 and 3 locations
Manage development and approval of worldwide test / audit plan on behalf of management
Liaison and assist internal audit to schedule and source the annual test of effectiveness
Coordinate and / or review executed test plans / work papers to analyze / categorize deficiencies
Requirements:
- Must have extensive knowledge of legal ethical standards and regulations (i.e. Sarbanes-Oxley Act)
- Bachelor's degree
A high growth division for one of the most recognizable manufacturing names in the world, has an immediate need for a Sarbanes
Oxley professional.
In this role you will be responsible for partnering with management to identify key business process and internal control points to
ensure SOX compliance.
You will develop, implement and test controls and regularly evaluate the effectiveness of internal controls.
As a senior member of the SOX team, you will be counted on to identify opportunities to streamline compliance activities and make
them a seamless part of operations.
This will be a highly visible position with tremendous upward mobility within SOX and other areas of Audit or Finance.
http://www.sarbanes-oxley-association.com/SOXCPA_Email_June_2009.htm 5/28/2009
Sarbanes Oxley News June 2009 Page 4 of 11
Creates, updates and keeps current all SOX-IT documentation in the Protiviti portal as well as in appropriate hardcopy locations.
Documents SOX-IT policies and procedures for all locations, and ensures compatibility with business department policies and
procedures.
Provide direct training and oversight to all employees, contractors, alliance, or other third parties with information security clearance
on the SOX-IT policies and procedures.
Initiate activities to create and imbed SOX-IT awareness throughout the Company.
Manages the annual SOX-IT project, coordinating all work efforts among UAFC Internal Audit, Protiviti, and Ernst & Young
external audit staff to ensure that project goals, deliverables and milestones are accomplished.
Develops Microsoft Project-based project plans specifying project phases tasks, deliverables, milestones, resources and task duration.
Generates numerous project plan reports including Gantt charts, project schedules, task lists and resource loading reports.
Identifies all annual SOX-IT project deliverables, milestones, and required tasks
Coordinates activities of the SOX-IT audit team, including monitoring of all change management and logical security weekly audit
work.
Ensures 100% compliance from all IT staff with policies and procedures, and escalates exceptions to the Vice President/CSO-IT and
the CIO as needed.
Recommends and oversees IT-related remediations and process improvements resulting from the performance of audit activities.
Prepares the final SOX-IT audit management response to ensure that all findings and recommendations are addressed in a timely
manner.
Creates and maintains the annual SOX-IT calendar of events, and coordinates activities with the Corporate SOX Committee.
Coordinates all activities with the quarterly logical security recertification process to ensure compliance with IA, internal and external
audit findings and recommendations.
Assists in audit of the IT and Corporate disaster recovery plans and other IT-related corporate initiatives as required.
Coordinates gathering of information and completion of all documents to satisfy all internal and external audits (state audits, third-
party audits, government audits).
Acts as a personal liaison for all auditors and examiners from these organizations.
Required Skills
Very strong knowledge of IT project management methods and techniques.
Knowledge and experience in administration of Sarbanes Oxley standards relating to Information Technology.
Knowledge and experience of various IT governance standards (CobiT, COSO, ISO17799, ITIL, etc.).
Knowledge and use of Microsoft Project and other Microsoft Office products.
http://www.sarbanes-oxley-association.com/SOXCPA_Email_June_2009.htm 5/28/2009
Sarbanes Oxley News June 2009 Page 5 of 11
Responsibility for the execution of the annual SOX compliance process for respective business unit ("BU"):
Assist BU in documentation of controls, process flow documentation and SOX narrative updates
Perform control "walkthroughs" with BU to assess control effectiveness; perform and/or oversee/coordinate SOX testing
Meet with BU frequently to understand business, processes and changes to control environment
Plan and execute the ongoing re-assessment of control design to facilitate ongoing SOX effort; facilitate continuous reduction of
manual controls.
Provide support for key SOX stakeholders (control owners, IA, PWC & senior management)
The Director of Sarbanes Oxley Compliance will be highly regarded with an excellent track record in his or her current environment.
The successful candidate must be a strong, decisive, results oriented leader who can develop and manage relationships across the
company and with a wide variety of partners, based on teamwork and knowledge.
" Preparing annual projects scoping analysis and project planning that complies with SEC guidance.
" Preparing presentations/updates to the Corporate Controller for meetings with the Examining and Audit Committee.
" Preparation of quarterly and annual SEC related certifications including all work needed to support those representations.
" Coordinating with E&Y and Corporate Audit on SOX related items.
" Providing direction and guidance to senior members of the Finance Network on SOX questions and issues.
" Interacting with and providing guidance and direction to the IT Governance Group on SOX work.
" Attending SOX audit closing meetings with business area division and area controller and division and area executives.
" Tracking and status reporting of all business area documentation, testing and testing exceptions.
" Reviewing and classifying the severity of all operating effectiveness testing exception.
" Staying current of evolving guidance from the PCAOB, SEC and the Big 4 Accounting firms.
" Staying current with the reporting and accounting activities of the State Street Finance Group.
" Staying current with the business operations of business units and staff functions as they impact internal controls over financial
reporting.
" Maintaining administration and content of the Open Pages applications and all other documentation needed to satisfy SEC
guidelines.
http://www.sarbanes-oxley-association.com/SOXCPA_Email_June_2009.htm 5/28/2009
Sarbanes Oxley News June 2009 Page 6 of 11
Ideal candidate will have 7+ years of overall experience in accounting with prior Big 4 public accounting experience preferred.
A Bachelor's in Accounting is a must, and advanced degrees or certifications are a definite plus.
You will have experience or exposure to manufacturing and have a strong track record working with or in a Sarbanes-Oxley
compliance environment.
You will be an excellent communicator who is a self-starter that works well either independently or as part of a larger group.
A major Insurance company, is seeking a Sr. IT Audit/SOX Specialist to join their team based in NYC.
Ideal candidate will have a minimum six plus year's SOX background out of major CPA firm. MBA preferred but not required
Assist in ensuring that the business continues to follow a risk-driven approach to self-assessments and key risk indicators that
broaden scope beyond SOX risks and controls, while simultaneously leveraging management controls already in place.
Streamline SOX efforts in view of risks, and recent PCAOB guidance allowing Co's to move towards leveraging monitoring controls
already in place at the organization
Assist in achieving SOX compliance relative to ensuring that internal controls are present; scoping, identification of monitoring
controls, and evaluating control effectiveness etc.
Assist Relationship Managers focused on delivery of broader OR framework, on an as needed basis, with a view to developing a
broader understanding of Operational Risks.
Develop strong working relationships and regularly communicate with Business unit & infrastructure management as well as
Corporate ORM on the Sarbanes Oxley compliance efforts.
Participate in the global scoping exercise to identify the critical financial statement accounts and key processes in scope for the
Company, Regions and Business Units for annual SOX compliance.
Stay abreast of Sarbanes Oxley regulatory changes and Promote the understanding of Sarbanes Oxley as a regulation, and
communicate accountability for continuous monitoring, reporting and management of the risk (including attestations), as well as
maintenance of the control environment.
Complete quality assurance reviews and develop standards for the oversight of identifying / moving towards monitoring controls,
moving towards self-assessments, gap identification and remediation, etc.
http://www.sarbanes-oxley-association.com/SOXCPA_Email_June_2009.htm 5/28/2009
Sarbanes Oxley News June 2009 Page 7 of 11
Performs the annual planning and scoping for the 404-assessment process in coordination with the Finance Department and Internal
Audit Department.
Works with management (Bank wide) to recommend and implement best practice solutions, which enhance the internal control
environment and operational efficiency of the Bank.
Monitors change in business, process and systems to ensure timely identification and assessment for 302 and 404 compliance.
Coordinates closely with cross-functional teams (Internal Audit, Finance, Independent Asset Review, and Enterprise Risk
Management etc.) to ensure an efficient and a synergistic approach to overall risk management and testing of internal controls.
Evaluates audit findings of internal and external auditors, bank regulators and management to identify control deficiencies and assist
with their remediation.
Monitors and reports identified control design and effectiveness deficiencies and drives the remediation efforts.
Provides on-going training to business units on internal controls over financial reporting and related responsibilities.
Support ongoing enhancements to the design and functionality of the Bank's automated Risks and Controls monitoring software tool
(Paisley's Risk Navigator).
§ Serve as a subject matter expert on the Sarbanes Oxley Act (S-O), monitor changes in laws, regulations, interpretations, and
applicability to the Company.
Ensure that changes to the Act are fully incorporated and implemented in applicable policies, procedures and practices within
required timeframes.
§ Manage the day-to-day activities supporting the Company's S-O compliance work including; coordinating with Affiliate Partners,
and the Parent Company's management team to maintain the policyIQ (PIQ) database of documentation for risks, controls, and
tests and make sure it is current while confirming status of key controls while also ensuring key controls are evaluated for design and
operating effectiveness on a quarterly basis and for year-end reporting.
§ Confirm the status of key control testing performed at each Affiliate Partner and the Parent Company's management team.
§ Coordinate the communication between management, internal audit and the Company's external audit firm to minimize
redundancy of work and enhance audit coverage.
§ Work with the Parent Company's and Affiliate's Chief Financial Officer to assist the Company's external audit firm to ensure
appropriate and timely access to information necessary for them to complete their work.
§ Continue to develop, implement and manage S-O compliance process. The sustaining process includes, but is not limited to, the
following:
o Perform the quarterly scope review of financial statements and disclosure risks, controls and tests
o Monitor documentation maintenance by process owners
o Manage the ongoing identification of key controls
o Monitor and provide feedback on each of the Parent Company's and Affiliate Partner's annual testing plan of key controls
o Supervise the implementation of management action plans to address any control deficiencies.
§ Assist new, majority-owned Affiliate Partner with implementation of S-O. Meet with Affiliate Partner management to review
purpose of S-O, provide PIQ training, develop an implementation plan for documentation and testing key controls and confirm
financial and personnel resources. Leverage existing Affiliate Partner documentation where appropriate.
§ Overseeing and ensuring that S-O issues are being remediated in a timely and complete manner across the Company.
§ Prepare periodic status reports and report to Company's management and the Audit Committee on the status of the Company's
compliance with S-O and any issues pertaining to successful compliance with the Act.
http://www.sarbanes-oxley-association.com/SOXCPA_Email_June_2009.htm 5/28/2009
Sarbanes Oxley News June 2009 Page 8 of 11
§ Prepare periodic status reports and report to Affiliate Partner Board of Directors or Audit Committee on the status of the
Company's compliance with S-O and any issues pertaining to successful compliance with the Act, when applicable.
§ Monitoring changes in relevant laws, regulations and trends and distribute related information in a timely manner to relevant
entities across the Company.
§ Leverage training opportunities to stay current with areas of responsibility, share knowledge with team members and management,
and enhance value added service.
§ Travel periodically to visit and work with each Affiliate Partner on internal audit areas.
QUALIFICATIONS:
§ Prior work experience in banking/finance/public accounting with S-O, internal control or internal audit a plus.
§ Experience with and a strong understanding of Section 404, Internal Controls over Financial Reporting, rules (SEC and PCAOB).
§ Experience identifying risks associated with processes (risk assessment), identifying internal controls within a process and
performing gap analysis to determine if one or more risks are not mitigated / eliminated by one or more internal controls.
§ Excellent organization and project management skills and ability to multi-task and prioritize competing priorities.
Performs other projects for Sarbanes Oxley implementation as required and assists in managing EmblemHealth's automated
Sarbanes Oxley compliance tool
This key team member will assist team management with Sarbanes-Oxley compliance activities, internal audit projects, and
consulting activities related to Information Technology.
The successful candidate will have a Masters degree and seven to ten years of progressive IT internal audit experience.
http://www.sarbanes-oxley-association.com/SOXCPA_Email_June_2009.htm 5/28/2009
Sarbanes Oxley News June 2009 Page 9 of 11
Audit experience and strong understanding of internal controls and Sarbanes Oxley implementation preferred.
Develop and maintain data and process integrity audits, monitor the controls and compliance across the organization, and provide
recommendations and reporting to all levels of management.
- Manage the station's inventory to help maximize revenue yield by effective and proactive traffic management
- Work with sales management to shape pricing and availability and manage demands
- Order Input
This Fortune 100 company is seeking a seasoned Security Analyst to effectively manage and execute multiple, enterprise level
program(s) in support of PCI-DSS, Sarbanes-Oxley, and other applicable regulatory compliance efforts with no finding.
For this role, you will define and deliver to the agreed budget, scope, and timelines.
You will Assess and implement compliance effort(s) as they surround the Payment Card Industry Data Security Standard (PCI-DSS),
Sarbanes-Oxley, GLBA, and/or HIPPA.
You should have demonstrable experience working in an information security consulting role with skills in identifying opportunity to
streamline and/or enhance current assessment methodology.
Experience should include working knowledge in PCI (Visa CISP, MasterCard SDP, Discover DISC, Amex DSOP) and preferably
one more regulatory area including, but not limited to: ISO 17799/BS 7799, Sarbanes-Oxley (SOX), GLBA, HIPPA. Business casual
work environment, class A office space, and excellent benefits!
The associates in the job will be responsible to validate documentation, perform walk-through and testing and evaluate the results of
both.
They will also be heavily involved in training associates on how to perform their own self-assessments and testing.
The sites involved include plants, warehouses, retail stores and corporate headquarters.
This person will work with all levels of associates from the Plant Manager through a receiving associate as well as levels of corporate
management.
http://www.sarbanes-oxley-association.com/SOXCPA_Email_June_2009.htm 5/28/2009
Sarbanes Oxley News June 2009 Page 10 of 11
They will be responsible to perform management's testing for Sarbanes-Oxley compliance in multiple plants, distribution centers,
retail stores and corporate headquarters.
Position Responsibilities
1. Help locations complete and evaluate the effectiveness of their Sarbanes-Oxley documentation.
3. Assist locations in re- mediating any Gaps found during documentation, walk-through and testing processes.
7. Accounting research (GAAP ) and project documentation for NAT business initiatives
NOTE 1: You can develop a checklist with important Sarbanes Oxley related tasks from the above detailed job
descriptions.
NOTE 2: It is good to start learning whatever you have read above and you do not know.
NOTE 3: Sarbanes Oxley knowledge and experience will always be of paramount importance in risk and
compliance management.
Dear members,
Visit the website of our association - www.sarbanes-oxley-association.com
Write in your CV, resume, websites etc. that you are members of the Sarbanes Oxley Compliance Professionals Association
(SOXCPA).
Take advantage of the distance learning and online certification program of our Association - at a cost that is unheard of.
www.sarbanes-oxley-association.com/Distance_Learning_and_Certification.htm
My best wishes,
George Lekatis
http://www.sarbanes-oxley-association.com/SOXCPA_Email_June_2009.htm 5/28/2009
Sarbanes Oxley News June 2009 Page 11 of 11
http://www.sarbanes-oxley-association.com/SOXCPA_Email_June_2009.htm 5/28/2009