SOX Compliance and Requirements In 2019
The United States Congress passed the Sarbanes-Oxley Act (SOX) in 2002. It was introduced to protect shareholders and the general public from fraudulent practices in enterprises and from accounting errors, and it was intended to improve the accuracy of corporate disclosures. The act sets deadlines for compliance and publishes rules on requirements. The act was drafted by Congressmen Paul Sarbanes and Michael Oxley with the goal of improving corporate governance and accountability, in light of financial scandals such as Enron, WorldCom, and Tyco, among others.
All public companies were asked to comply with SOX, both on the financial side and on the IT side. As a result of SOX, the way IT departments maintained their corporate electronic records changed.
The act does not specify how to establish a set of business practices or how a business should store records; it only specifies which records should be stored and the duration of the storage. To comply with SOX, corporations must save all business records and electronic messages for “not less than five years.” Failing to comply with SOX will incur fines, imprisonment, or both.
SOX Compliance and Data Security
For IT managers and executives, compliance with SOX is an important ongoing concern. But SOX compliance is more than just being able to pass an audit. When appropriate data governance practices are properly implemented, they can have a number of concrete benefits for the business, such as:
• 78% of organizations leverage SOX compliance to drive continuous improvement in financial reporting
• 52% of organizations reported “significant” or “moderate” improvements in internal control over their financial reporting since the implementation of SOX
Ultimately, the report concluded, “enterprises should treat SOX not as a compliance exercise, but as a long-term process to create greater value in the organization. This is one of the outcomes the framers of the SOX legislation intended.”
How can SOX compliance benefit you?
Apart from the threat of fines and penalties, organizations are using SOX as a framework for:
• Auditing existing IT infrastructure and identifying inefficiencies, redundancies, and superfluous controls.
• Streamlining auditing processes and reporting, increasing productivity and reducing costs.
• Managing security risks more effectively and responding more quickly in the event of a breach.
A software solution for meeting compliance requirements should be able to monitor data, enforce policies, and log every user action. With evidentiary-quality trails, all of the data needed for compliance is in place. Protect your data and your business with a software solution that ensures SOX compliance and rest a little easier during your next audit.
Julia Sowells
Julia Sowells has been a technology and security professional. With a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, written technical articles, and worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she maintains her own consulting firm as a security consultant while continuing to write for Hacker Combat in her limited spare time.