CPE PACKAGES (Incl. Ethics) for Multiple States and Qualifications @ $4/credit. CLICK HERE to view.

SOX General Controls, Application Control, Spreadsheet Controls

You need to register for the webinar to watch the video.

Click Here to Register

Before starting this self study program, please go through the instructional document.


  • IT and SOX
    7 mins
  • Approaches to evaluating IT for SOX
    20 mins
  • IT Entity Controls
    27 mins
  • Application vs. General
    41 mins
  • Back-up and recovery
    57 mins
  • Updating Baseline
    78 mins

Course Description

SOX (part of United States federal law) requires the chief executive and chief financial officers of public companies to attest to the accuracy of financial reports (Section 302) and require public companies to establish adequate internal controls over financial reporting (Section 404). Passage of SOX resulted in an increased focus on general IT controls, as these support financial processing and therefore fall into the scope of management's assessment of internal control under Section 404 of SOX.

This webinar will speak directly about the importance of general controls (GC), application controls (AC) and spreadsheet controls as they relate to Sarbanes-Oxley.  In the initial years of SOX compliance, many felt that a material weakness could not result from a failure of any type of IT control. The world had changed. IT is no longer simply a back-office function. IT is of strategic importance to ICFR.  It must be adequately evaluated from both a GC and AC level

The COBIT framework may be used to assist with SOX compliance, although COBIT is considerably wider in scope PCAOB and SEC guidance states technology controls should only be part of SOX 404 to the extent specific financial risks are addressed. This approach can significantly reduce the scope of IT controls required in the assessment.  Scoping decision is part of the entity's top-down risk assessment and can utilize a baselining approach.  However, to understand the aspects of how to scope and baseline information technology controls, the assessor must have a strong understanding of how technology controls impact internal controls over financial reporting.

Major topics covered in this online CPE webinar:

  • Information technology and SOX
  • IT Control Framework
  • IT Entity controls
  • Application vs. General Controls
  • Information Technology General Controls
  • Application controls
  • IT Baselining
  • Spreadsheet processes

Click for more webinars on Accounting & Auditing

Learning Objectives

  • To identify controls to evaluate as it relates to information technology (IT) and SOX
  • To explore the IT control framework and recognize how to approach towards IT evaluation
  • To explore IT entity controls
  • To differentiate application controls (AC) vs general controls (GC)
  • To identify information technology general controls (ITGC) that are specific to financial reporting

Who Should Attend?

  • Accountant
  • Accounting Firm
  • Accounting Managers
  • Auditors
  • Certified Management Accountant
  • Certified Public Accountant
  • Chief Accounting Officer
  • Cloud Accountants
  • CPA (Industry)
  • CPA - Mid Size Firm
  • CPA - Small Firm
  • CPA in Business
  • Entrepreneurial CPA
  • Senior Accountant
  • Staff of Accounting Firm
  • Young CPA