Sarbanes-Oxley SOX Compliance

SOXIn the wake of a number of corporate accounting scandals, including Enron, Peregrine Systems and WorldCom, the Sarbanes-Oxley Act was introduced ‘To protect investors by improving the accuracy and reliability of corporate disclosures made pursuant to the securities laws, and for other purposes’ The intent of the Act was to ensure that similar cases of accounting fraud and the misleading of investors would be prevented in the future for all publicly held companies, management and public accounting firms.

One of the key elements of the legislation is that company executives must take personal responsibility for the veracity of financial information, with far greater penalties for other financial fraud. The necessary internal controls/operational controls in terms of accounting and auditing require sufficient levels of governance, defined in SOX Section 404.

A ‘Top Down’ risk assessment must be conducted by Management, operating in conjunction with an independent external Auditor, covering a number of key questions:

  • Are internal controls related to significant accounts and financial reporting effective?
  • What is the potential risk for fraud or misrepresentation for business transactions with respect to IT systems and operational practices?
  • Do company-level controls comply with COSO framework best practices?

In order for any organization to even attempt to attest to SOX compliance will require secure, protected and governance-assured IT systems.

From an internal controls SOX 404 standpoint, NNT Change Tracker ensures that IT systems are protected from fraud and misuse, with requisite audit trails provided to prove system integrity has been maintained.

Systems must be hardened and provisioned on a strict ‘principle of least privilege’ basis and Change Tracker’s certified auditing technology for CIS Benchmark Checklists ensures that all available vulnerability mitigations are in place at all times.

Finally, the provision of a ‘Closed Loop’ Change Management system is vital to show exactly what changed and by whom at any stage in order to govern system integrity. By extension, any Unplanned Change will be highlighted for investigation and either approval or remediation in line with COBIT Framework best practices, favored strongly by SOX 404 Auditors.


Report Downloads


Register for a free trial and automate your systems now.

Request a free trial of NNT Change Tracker

NNT Products
Trusted by:
USA Offices
New Net Technologies LLC
Suite #10115, 9128 Strada Place
Naples, Florida, 34108
201 17th Street, Suite 300
Atlanta, Georgia, 30363.

Tel: 1-888-898-0674
email [email protected]
UK Office
New Net Technologies LLC
Rivers Lodge
West Common

Tel: 01582 287310
email [email protected]
Google+ Linkedin Twitter - Change Tracker Facebook rss feed YouTube
CIS benchmarking SEWP Cybersecurity 500 Sans Institute
Copyright 2017, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.