The Sarbanes-Oxley Act (SOX) was signed into law in july 2002 following a series of high profile scandals. Its objective is to protect investors by improving the accuracy and reliability of corporate disclosures made pursuant to the securities laws.
A large par of the legislation in the Sarbanes-Oxeley deals with accountancy practice, such as procedures for dealing with auditors and the filing of SEC Reports. The sections with most impact on IT Systems are those that require companies to implement control to minimize the risk of inaccurate financial statements or misuse of financial records, and to continually ensure that those controls are effective.
These sections affect a number of areas of a companys IT infrastructure, but one of the most important is that of managing access controls - Securing the activities of users who come in contact with Financial Data, ensuring that only desired users can access it, and ensuring that the security of the data itself. It´s therefore critical to establish procedures and tools to inspect, document and repair and modify access controls for compliance with Sarbanes-Oxeley- Timely reports, along with powerful, fast action tools are needed to endure that the controls are in place, and compliance is achieved.
In this whitepaper, Four Products will be used to ensure SOX Compliance.
- Enterprise Security Reporter
- Security Explorer
- Desktop Authority
- Active Administrator
How to Comply with Sarbanes Oxeley Requirements (read the full Whitepaper)