Top ten ways for IT Directors and Compliance Officers to prepare for EuroSOX:

Below are some short-term actions that Touchpaper have identified to help you prepare for EuroSOX.

1. Find out the practical implications by reading the EuroSOX White Paper written by Touchpaper.
   
   
2. Identify the business areas of the organization that are high-risk and have the potential to be areas where fraudulent activity and transactions could take place.
   
   
3. Identifying the systems, applications and information and data stores that are high-risk and have the potential to be areas where fraudulent activity and transactions could take place.
   
   
4. Identifying the internal and external individuals who have access to these resources.
   
   
5. Deciding who should be allowed to access these resources and to what level of authority their access extends.
   
   
6. Deciding who should be allowed to make changes to these resources and under what circumstances.
   
   
7. Mapping out clear approval and authorization processes.
   
   
8. Putting a plan in place to introduce and manage internal controls covering key areas such as
   
   -  Access rights
   -  Segregating duties such as financial approvals and access to high-risk systems and information
   -  Change management processes
   -  Change management permissions
   - Documented and traceable audit processes and tracking for  systems and information usage
   
   
9. Starting to use automated processes to support adherence to compliance and audit requirements.
   
   
10. Being prepared to demonstrate that these controls provide reasonable assurance that any problem and/or incidents are properly responded to, recorded, resolved or investigated for proper resolution.
    

To find out more on how Touchpaper can help you manage the practical implications of EuroSOX on your organization please email: intouch@touchpaper.com or call +44 (0)1483 744444.