Covestic helps telecommunications company successfully address control gaps.
BUSINESS CHALLENGE
A major U.S. wireless carrier knew that meeting SOX requirements was going to be challenging.
The company had millions of subscribers in the U.S. market, over 20,000 employees, and five
major datacenters. As the company began to prepare itself to address SOX compliance, they
identified many applications spread across hundreds of systems that were SOX-significant.
Of these, there were a number of legacy systems that would need to be modified to meet SOX
requirements. The company also realized that their organizational structure did not support
regular reviews of the company's existing controls or the addition of new ones. Added to
this, the company had undocumented processes and controls that either could not be audited
or did not produce compliance evidence.
COVESTIC'S SOLUTION
The company knew that finding the right partner, one that would bring together
diverse skill sets and disciplines, would be critical to the success of the project.
They turned to Covestic because of our combination of deep subject matter expertise on
IT and security controls and proficient project management teams.
The project was initiated by a meeting with the company's SOX compliance committee. Each project
team's control remediation focus and the company's staff support requirements were confirmed. The
project teams were then deployed to begin interacting with the designated business groups.
The first area that Covestic's IT and security audit experts examined was the documentation for
the identified control processes. This was a crucial component that needed to be in place to pass
external auditor scrutiny. As gaps were remediated, they were validated for effectiveness and the
ability to be audited.
Covestic also performed a substantial amount of knowledge transfer of control assessment and validation
testing. This helped the company develop expertise and establish the process for doing a
self-assessment, which is required by SOX and supports a continuous improvement process as
identified in Section 409.
PROJECT RESULTS
The company reached its compliance goals along with improving the confidentiality,
integrity, and availability of business systems and data. They now have a better
understanding of the processes and IT infrastructure that support creation, transfer,
and reporting of their financial information.