About SOX Compliance

Sarbanes-Oxley Act aims to protect investors from fraudulent financial reports.

All public companies in the U.S., without exception, are subject to SOX compliance. SOX compliance requirements also apply to overseas operations of U.S. public companies and international companies listed on U.S. exchanges. Failure to comply with SOX can result in up to 5 million dollars in fines and up to 20 years of imprisonment of C-level executives accountable for SOX implementation.

Capabilities of Netwrix Auditor

Using Netwrix Auditor to pass SOX audit and maintain continuous compliance

Achieving sustainable compliance with SOX requires continuous joint efforts from business, finance and IT professionals in the establishment and ongoing evaluation of the company’s overall control environment, including its IT controls. Netwrix Auditor helps organizations satisfy IT SOX compliance requirements by automating manual IT control processes, and it also provides evidence required to pass a SOX IT audit.

Keep changes to IT systems and access to financial data under control

Document and review all changes to IT systems and access to resources involved in financial reporting processes to ensure no unauthorized changes or inappropriate access take place.

Get easy access to reports required for passing your SOX compliance audit

Use out-of-the-box compliance reports to prove to auditors that specific controls are in place and your organization’s IT compliance program adheres to SOX audit requirements.

Quickly find answers to auditors' questions

Use the Interactive Search feature to quickly find the exact information SOX auditors ask for, even if it goes beyond the scope of the predefined SOX compliance reports.

Ensure easy access to archived audit trails to prove SOX compliance

Retain your audit trail for years in a scalable, two-tiered storage to easily generate reports required to pass your SOX audit, even if the auditors ask for evidence that lies in the distant past.

See what SOX compliance requirements Netwrix Auditor helps you meet

Though the SOX Act requires public companies to adopt internal controls over financial reporting, it does not provide any specific recommendations for their implementation. Instead it requires organizations to adopt a “recognized control framework,” such as COSO or COBIT. While COSO gives only broad guidance on internal control practices, COBIT is specifically focused on IT controls. Both frameworks complement each other and therefore are often used in tandem for the purposes of compliance with SOX sections 302 and 404. Netwrix Auditor addresses requirements of both frameworks.
Find out which specific SOX audit requirements can be addressed using particular Netwrix Auditor reports.
Download Netwrix Auditor Report Mapping (.pdf)

Organizations of all sizes rely on Netwrix Auditor to ensure and prove SOX compliance

"I've used Netwrix Auditor in a company that had gone public and was now under SOX. It proved to be a cornerstone of my compliance reporting, and made my job (and the auditors’ jobs) easier to do. It would have been very difficult to have gotten it all together without it."

Richard Muniz,

Network/Systems Administrator