Home Back
Frequently Asked Questions

Q1. What is the SOX CERT Certification?
A1: SOX-CERT is a vendor neutral certification program that has been designed to prove that IT and non-IT professionals have the knowledge and skills needed to implement and support Sarbanes-Oxley Act.

Q2. What is the benefit of our Certification?
A2: The Institue, SOX-CERT will benefit employees, consultants and organizations

Employees and Consultants

Our certification provides Consultants, IT and Information Security Directors, Managers and Professionals, Chief Risk and Compliance Officers, Process Owners, Network, System and Security Administrators with the following benefits:

  • Earn more money: Several recent salary surveys reveal the power of certification to boost income. These surveys show certified professionals earn more money than non-certified professionals, as their skills grow and can command a higher paycheck.
  • Get a better position: Certification is important when being considered for a promotion or other career opportunities. You give the necessary assurance that you have the knowledge and skills to accept more responsibility.
  • Get a better job: It will be easier to move on to another position to get more money and more desirable positions. This certification will differentiate yourself from your competitors.
  • Establishes professional credentials: Certification is an advantage on your resume, serving as a third-party endorsement to your knowledge and experience. Certification and training listed on your resume demonstrates your ability and your desire to stay current.

Organizations

Our certification provides organizations with the following benefits:

  • Independent evidence: Our certification serves as independent evidence that you have the skills required to Implement and support a Sarbanes-Oxley compliance project.
  • Job satisfaction: Certified employees are more satisfied and more productive than their non-certified counterparts.
  • COSO and COBIT frameworks: A Sarbanes Oxley certification is not just one more class. It is a vital part of the compliance project and will satisfy the requirements of the COSO and COBIT control frameworks.
  • Due care: Certified professionals will greatly assist employers in being able to construct a viable Sarbanes Oxley compliance program, and to prove that they exercise due care.

Q3. How long is the exam?
A3: A candidate is given Two hours to complete a 60 question multiple-choice exam.

Q4. What score do I need to pass the exam?
A4: A candidate must score 70% or higher.

Q5. How much will it cost to get certified?
A5: The exam price for the SOX-CERT certification is $295.00

Q6. Is training necessary in order to obtain certification?
A6: No, it is not necessary, but it is highly recommended. You will probably need to prepare before taking this exam. Self-study is an alternative, but classroom training can provide the fast track to certification readiness.

Q7. Where can I get training?
A7: UK: Net-Security Training, 12th Floor, York House, Empire Way, Wembley Park, Middlesex, HA9 0PA
Tel: 020 8900 9015 Email: info@net-security-training.co.uk.

Worldwide: see list of Testing Centres on this website

Q8: What are the pre-requisites for taking the exam?
A8: None, although to fully understand the material and pass the exam, most candidates need a minimum of one years of full-time IT security or Financial professional work experience.

Q9. How long is the certification valid?
A9: The certification is valid for three years.

Q10. How are candidates verified?
A10: After payment, two valid forms of I.D must be faxed or emailed to us prior to the day of the test. One with picture and address (driver's license or passport) and an additional one with at least the examinee's name and/or signature (credit card, employee card, student ID, etc.).

Q11. What will the SOX-CERT exam cover?
A11: The SOX-CERT exam will cover the following areas

• The Sarbanes-Oxley Act of 2002
• Companies Affected
• Employees Affected
• Effective Dates
• SEC
• EDGAR
• PCAOB
• The Sarbanes-Oxley Act and its interpretation by the PCAOB
• Scope of Sarbanes Oxley Project

• Internal Controls
• The Internal Control — Integrated Framework by the COSO committee
• Using the COSO framework effectively
• The control environment
• Risk assessment
• Control activities
• Information and communication
• Monitoring
• Effectiveness and efficiency of operations
• Reliability of financial reporting
• Compliance with applicable laws and regulations
• IT Controls
• IT Controls and Sarbanes Oxley Act Relevance
• Program Development and Program Change

• COSO Enterprise Risk Management (ERM) Framework
• Internal Environment
• Objective Setting
• Event Identification
• Risk Assessment
• Risk Response
• Control Activities
• Information and Communication
• Monitoring
• ERM – Application Techniques

• COBIT - the framework that focuses on IT
• Executive Summary
• Management Guidelines
• Framework
• Control Objectives
• Implementation Toolset
• Activities and Tasks
• Processes
• Domains
• Information criteria
• IT resources
• IT processes
• COBIT Cube
• Maturity Models
• Critical Success Factors (CSFs)
• Key Goal Indicators (KGIs)
• Key Performance Indicators (KPIs)

• Meeting the Information Security Requirements of SOX
• SOX and Risk Assessments
• IT Security

• The alignment of frameworks
• COSO and COBIT
• COSO ERM and COBIT
• ITIL and COBIT
• ISO/IEC 17799:2000 and COBIT
• ISO/IEC 15408 and COBIT
• COSO, COBIT and Sarbanes-Oxley Sections 302 and 404

• Testing, Reports and Documentation
• Reports used to Validate SOX Compliant IT Infrastructure
• Reporting Weaknesses and Deficiencies
• Documentation Issues
• SOX Testing
• Records Retention
• Real-time Disclosure

• Sarbanes Oxley and other regulations
• European Answer to SOX
• Integrating Sox IT security with GLBA, HIPAA and other regulations


Home | Advisory Board | Links | Verify Certificate ID | Study Materials | Contact Us | Site Map
© 2006 Sarbanes-Oxley Certification