Contact Us, call 1.888.638.974 or connect via
|
Overview Change AuditingRegulatory ComplianceIdentity ManagementEndpoint Managemente-DiscoverySIEMEnterprise Management Suite ProductsSuccess StoriesWhite PapersCompetitive ReplacementVideo Demo  Need More Features? If you want to see additional features implemented in the product, we would love to hear. Click here to tell us. |
All public companies in the U.S. are subject to Sarbanes Oxley (SOX) compliance without exceptions. SOX compliance requirements also apply overseas operations of U.S. public companies and international companies listed on U.S. exchanges. Failure to comply with SOX can result in fines of up to 5 million dollars and up to 20 years of imprisonment of C-level executives accountable for SOX implementation. Other countries have similar laws, for example, Canada enacted a regulation known as Bill 198, Japan established aptly named J-SOX, and both are very similar to the "American" SOX in many parts. SOX requires public companies to adopt Internal Controls over Financial Reporting (ICFR), and these controls of course include IT controls that affect financial reporting operations. The Act includes two sections that affect IT departments: Section 302 (15 U.S.C. § 7241: "Corporate Responsibility for Financial Reports") and 404 (15 U.S.C. § 7262: "Management Assessment of Internal Controls") of SOX. SOX defines three major requirements: establishing of controls, ongoing evaluation of controls (monitoring and testing), and disclosure ("auditability") of control effectiveness (including defects and weaknesses that can result in fraud). Manual implementation of these requirements can result in increased operational costs, while automation usually results in much lower compliance costs, increased efficiency, and other benefits. The Sarbanes-Oxley Act does not provide any recommendations for implementation of SOX and this why several organizations created different standards of IT controls implementation. The most widely recognized IT-specific standards are COSO "Internal Control - Integrated Framework" endorsed by SEC and COBIT (Control Objectives for Information and Related Technology) created by ISACA (www.isaca.org). NetWrix SOX Compliance Suite covers many requirements of both frameworks to sustain compliance and pass compliance audits. In general, this automated compliance solution helps to maintain established controls by tracking and reporting all changes in IT infrastructure for auditing purposes and implementing secure identity management practices to ensure system security.
Disclaimer: This information is not intended to provide legal advice or substitute for the advice of an attorney. | ||||||
|
Stay Connected:
|
All Solutions and Products | You're in good company: See NetWrix Customers List |
Download Evaluation