In order to ensure the reliability of internal controls related to financial reporting, it is essential to properly understand the design and operation status of IT controls.

In particular, US-SOX and J-SOX require the evaluation of the effectiveness of IT controls (ITGC/ITAC) as an audit requirement, and a formal response is insufficient.

We provide practical and audit-ready support by utilizing our track record and field experience at major auditing firms.

 

Support for the development, evaluation, advice and documentation of IT General Controls (ITGC)

Examples: Confirmation of control content related to access rights management, privileged ID management, log acquisition and confirmation, system change management, backup management, outsourcing control, etc., evaluation of development status, improvement proposals, support for creating documents for audits

Support for the development, evaluation, advice and documentation of IT Business Process Controls (ITAC)

Examples: Support for the design, current status evaluation and documentation of controls linked to each business, such as input control, approval flow, master management and consistency check functions in sales, purchasing, inventory and accounting systems

US-SOX / IT control advisory in response to J-SOX

Support for control design, preparation and documentation in compliance with system requirements and audit procedures

Support for responding to IT control evaluations (preparation evaluation/operation evaluation) by auditing firms

Support for preparation of information security-related documents

Examples: Document creation and review of information security basic policies, access management regulations, system development change management regulations, external outsourcing management regulations, etc.

*Separate cybersecurity consulting also available (security control, vulnerability response, incident response system preparation, etc.)