
SEC Laws That Govern the Securities Industry, including Sarbanes-Oxley http://www.sec.gov/about/laws.shtml
Sarbanes-Oxley Resources A collection of articles and tools to help you understand and implement the law: http://www.deloitte.com/view/en_US/us/e7828445881fb110VgnVCM100000ba42f00aRCRD.htm
Ernst & Young Collection A collection of articles, survey and guides on Sarbanes Oxley http://www.sarbanes-oxley.be/index.html
PCAOB – Public Company Accounting Oversight Board website http://www.pcaobus.org/About/Pages/default.aspx
AICPA SOX Resource Information The AICPA eliminated its section specific to Sarbanes Oxley
KPMG 2010 Internal Controls Study of Technology Companies This publication was designed to help companies assess their S-O 404 programs vis-à-vis the rest of the industry and achieve additional benefits from their S-O 404 compliance investment, such as elimination of unnecessary controls, improved issues visibility, and consolidation and standardization of processes. http://www.kpmg.com/US/en/IssuesAndInsights/ArticlesPublications/Documents/2010-internal-controls-study-of-technology-companies.pdf
Sarbanes Oxley Section 404: A Guide for Small Businesses A short 4 page introduction to Sarbanes Oxley for Small Businesses from the SEC http://www.sec.gov/info/smallbus/404guide.shtml
AuditNet.org The Global Resource for Auditors AuditNet® the global resource for auditors contains audit documentation templates such as programs, questionnaires, checklists, audit guides, job listings, discussion forums, the Audit Process from A to Z and more. AuditNet.org The Global Resource for Auditors
|

1. Your CFO says your SOX Compliance costs are too high. 2. You use more than one software solution to manage your GRC compliance program. 3.You already use Microsoft Excel for your Risk Control Matrix and/or Control Testing.
see more...
4.Your Risk Control Matrix and Test Plans are separate documents that do not dynamically update each other for changes you make. 5.You spend more than 15 minutes each day or 1 hour per week generating management reports to monitor and summarize your controls testing. 6.Your current software is too hard to use or does not automatically produce the management reports you need. 7.You cannot easily explain to your external auditor how your controls have changed year over year. 8.Your software does not alert you to missing information or improper values. 9.Your software does not provide visual highlights for required and/or incomplete testing. 10.Your software does not provide you with an adequate top down control profile of your organization.

|