
SOX IT Security Testing

Security testing for Sarbanes-Oxley compliance

2-3 weeks | Starting at $12,000
Overview

What This Engagement Covers

A comprehensive assessment tailored to your environment.

Sarbanes-Oxley Act Section 404 requires publicly traded companies to maintain effective internal controls over financial reporting. Our SOX IT security testing validates the technical controls protecting financial systems, databases, and reporting infrastructure from unauthorized access and manipulation.

Our Process

What We Test & How

What We Test

We assess IT general controls (ITGCs) including access management, change management, computer operations, and program development. Testing covers financial systems, ERP platforms, databases storing financial data, network infrastructure, and cloud environments supporting financial operations.

Our Approach

Our testing focuses on COSO framework alignment and PCAOB standards. We validate access controls on financial systems, test segregation of duties enforcement, assess change management processes, and evaluate the security of financial data in transit and at rest. Each finding maps to specific ITGC categories.

Deliverables

What You'll Receive

Everything included in your engagement report.

SOX-aligned IT security assessment report

IT General Control (ITGC) validation results

Access management and segregation of duties review

Change management control assessment

Financial data protection evaluation

Auditor-ready evidence documentation

Remediation recommendations by ITGC category

Retest validation report

Methodology

Our Testing Methodology

A structured approach to identifying and validating vulnerabilities.

1. Financial system scope identification

2. Access control and authentication testing

3. Segregation of duties validation

4. Change management process testing

5. Database security assessment

6. Network security for financial systems

7. Backup and recovery validation

8. SOX evidence documentation

Findings

Common Vulnerabilities We Find

Typical security issues discovered during this type of engagement.

Excessive Access to Financial Systems
Weak Segregation of Duties
Uncontrolled Changes to Financial Applications
Missing Audit Trails on Financial Data
Shared Administrative Accounts
Insufficient Database Security Controls
Missing Encryption for Financial Data
Inadequate Backup Verification Procedures

Who It's For

Ideal For

Publicly Traded Companies
Pre-IPO Companies
SEC-Reporting Entities
Financial Services Firms
Companies Undergoing SOX Audits
Organizations with Complex ERP Systems
Compliance

Standards We Support

SOX Section 404
COSO Framework
PCAOB Standards
COBIT

Why Us

Why Lorikeet Security

Certified Experts

OSCP, OSCE, CEH, GPEN certified professionals

Auditor Ready

Reports designed for compliance audits

Free Retesting

Validate fixes at no additional cost

Expert Support

Direct access to testing team during remediation
