London software testing news UK


Risk based testing to simplify Sarbanes-Oxley

Posted in Acceptance testing,security testing,Software testing by testing in London on December 29, 2006

From SC Magazine

The Securities and Exchange Commission (SEC) voted today to simplify the auditing process for Section 404 requirements of the Sarbanes-Oxley Act of 2002. Five SEC commissioners unanimously voted to make checking for security controls more risk based and less “obsessive compulsive,” according to SEC Commissioner Paul Atkins.

In the past, auditors had two opinions – one based on controls and another based on management’s approach to establishing controls, Phil Livingston said. Now they will use one cohesive opinion, requiring less testing to streamline the process.

“The way they do it now is pretty convoluted and dumb,” he said. “The process has been pretty inefficient, and the SEC wants money to be spent on the controls themselves, not on frivolous testing.”

Business process testing and risk-based testing

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: