SOX Auditor certs?

Paul BozPaul Boz Member Posts: 2,621 ■■■■■■■■□□
Hey guys and gals,

SOX audits are critical for publicly traded companies. I currently do FFIEC/GLBA IT audits for financial institutions and would like to get into SOX auditing ($$$$). Does anyone here have any experience doing SOX audits, getting SOX certified, or have any advice?

So far I've found a cert from SOX-AUDITOR - Sarbanes-Oxley Certification Institute but I don't know how "valid" it is because I don't know what else is out there.

Can anyone toss me a life raft on this one?

Thanks guys.
CCNP | CCIP | CCDP | CCNA, CCDA
CCNA Security | GSEC |GCFW | GCIH | GCIA
[email protected]
http://twitter.com/paul_bosworth
Blog: http://www.infosiege.net/

Comments

  • GAngelGAngel Member Posts: 708
    Paul Boz wrote: »
    Hey guys and gals,

    SOX audits are critical for publicly traded companies. I currently do FFIEC/GLBA IT audits for financial institutions and would like to get into SOX auditing ($$$$). Does anyone here have any experience doing SOX audits, getting SOX certified, or have any advice?

    So far I've found a cert from SOX-AUDITOR - Sarbanes-Oxley Certification Institute but I don't know how "valid" it is because I don't know what else is out there.

    Can anyone toss me a life raft on this one?

    Thanks guys.

    I've only seen CPA's and CIA's doing it but i'd think the IT equivalent would be CISA. Don't think there are any others that would hold weight.
    If i were going into it full time I would get CISA and CIA. CFSA might also be one you can look at.
  • Paul BozPaul Boz Member Posts: 2,621 ■■■■■■■■□□
    I'm going to do the CISA, that's not an issue. I'd also like to do the CISM. The reason why I want to get into SOX auditing is because A.) it's highly lucrative, and B.) It only deals with publicly-traded companies. I'm already planning on doing the CISA later this year and possibly the CISM next year.

    I spoke with a SOX auditor that's onsite with my client while I am and he said I basically need like 30 credits in accounting which will require a significant investment in time and effort on my part. I think it may be worth it though since I'm about to finish my degree anyway.

    thanks for the info man :)
    CCNP | CCIP | CCDP | CCNA, CCDA
    CCNA Security | GSEC |GCFW | GCIH | GCIA
    pboswort[email protected]
    http://twitter.com/paul_bosworth
    Blog: http://www.infosiege.net/
  • GAngelGAngel Member Posts: 708
    Huge money and even bigger bonuses if you land in one of the auditing firms.
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,893 Admin
    A big problem for the future of SOX auditors is that SOX itself has caused IPOs in the USA to dramtically decrease over the past seven years--especially in the tech sector. This is ironic because SOX itself relies on the existence of public companies. Repealing SOX to allow an easier path for US businesses to IPO is now suggested as a way of revitalizing the US economy.

    I don't know when or if the repeal of SOX will ever happen, but it's something for people looking to specialize in SOX auditing to consider.
  • eMeSeMeS Member Posts: 1,875
    I would avoid the specific SOX certifications. Same thing with the stuff you see around specific HIPAA certs. What I've seen is limited acceptance of these things and even cases where their value has been outright challenged.

    Most of the SOX auditors I've seen are CPAs or hold the CIA credential. Something else you might consider from the institute of internal auditors is the CFSA at CFSA - The Institute of Internal Auditors

    MS
Sign In or Register to comment.