breadcrumb breadcrumb breadcrumb SOX Compliance
SOX Compliance SOX COMPLIANCE

Sarbanes-Oxley SOX Compliance

SOXIn the wake of a number of corporate accounting scandals, including Enron, Peregrine Systems and WorldCom, the Sarbanes-Oxley Act was introduced ‘To protect investors by improving the accuracy and reliability of corporate disclosures made pursuant to the securities laws, and for other purposes’ The intent of the Act was to ensure that similar cases of accounting fraud and the misleading of investors would be prevented in the future for all publicly held companies, management and public accounting firms.

Data governance requires IT system integrity to be maintained

One of the key elements of the legislation is that company executives must take personal responsibility for the veracity of financial information, with far greater penalties for other financial fraud. The necessary internal controls/operational controls in terms of accounting and auditing require sufficient levels of governance, defined in SOX Section 404.

A ‘Top Down’ risk assessment must be conducted by Management, operating in conjunction with an independent external Auditor, covering a number of key questions:

  • Are internal controls related to significant accounts and financial reporting effective?
  • What is the potential risk for fraud or misrepresentation for business transactions with respect to IT systems and operational practices?
  • In summary, do company-level controls comply with COSO (Committee of Sponsoring Organizations of the Treadway Commission) framework best practices? (first published in 1992 and updated in 2013)

In order for any organization to even attempt to attest to SOX compliance will require secure, protected and governance-assured IT systems.

From an internal controls SOX 404 standpoint, NNT Change Tracker ensures that IT systems are protected from fraud and misuse, with requisite audit trails provided to prove system integrity has been maintained.

Systems must be hardened and provisioned on a strict ‘principle of least privilege’ basis and Change Tracker’s certified auditing technology for CIS Benchmark Checklists ensures that all available vulnerability mitigations are in place at all times.

Finally, the provision of a ‘Closed Loop’ Change Management system is vital to show exactly what changed and by whom at any stage in order to govern system integrity. By extension, any Unplanned Change will be highlighted for investigation and either approval or remediation in line with COBIT Framework best practices, favored strongly by SOX 404 Auditors.

 

Report Downloads

 

Register for a free trial and automate your systems now.

Request a free trial of NNT Change Tracker

NNT Products
  • Change Tracker Gen7 R2
    Change Tracker™ Gen7 R2

    Combine industry leading Device Hardening, File Integrity Monitoring, Change & Configuration Management, Security & Compliance Management into one easy to use solution!

  • FAST Cloud
    NNT F.A.S.T. Cloud™ Threat Intelligence Integration

    Automatically evaluate file changes in real-time with NNT FAST™ (File Approved-Safe Technology) Threat Intelligence.

  • NNT Log Tracker
    Log Tracker Enterprise™

    Comprehensive and easy to use security information & event log management with intelligent and self-learning correlation technology to highlight potentially harmful activity in seconds.

Trusted by:
securum.jpgCompliance-360.jpgacas.jpgpaymetric.jpgconduent.jpglansare_logo.jpghermanmiller.jpgchaparral.jpgushmm.jpgpowerchord.jpgthewestbrom.jpg4wheelparts.jpgpunter-southall.jpgpando.jpggvec.jpgactivetelesource.jpgnic-inc.jpghei-hotels.jpgplatin.jpgshearwater.jpgdupont.jpgeon.jpgsafarimicro.jpgalamo-colleges.jpgpurchase.jpghhglobal.jpgislandbanki.jpgvoxgen.jpgeztaxreturn.jpgxap.jpgctrls.jpgemircom.jpgingbank.jpgdunelm.jpgmaxwellpaper.jpghotel-cholat.jpgonpoint.jpgblakemore.jpgnkwd.jpgeasystreet.jpgedm.jpggeneral-dynamics.jpgprometric.jpgcardknox.jpgBiaggis.jpgbankcardusa.jpgwallashops.jpgessex-police.jpgcornell.jpglandisgyr.jpgequiant.jpggowireless.jpgbriefing.jpgnorcotek.jpgNIBSS.jpgwonga.jpgidexperts.jpgshazam-network.jpgselectcore.jpgcority.jpgdublin-business.jpgpass.jpglsi.jpgvisa.jpgbobby-cox.jpgsymetra.jpgcityofgolden.jpgaberdeen.jpgjet-blue.jpgclickandbuy.jpgabrsm.jpgnashville-int-airport.jpgace.jpgspar.jpgamdocs.jpgcrowedunlevy.jpgipservices.jpg5thavetheatre.jpgrah.jpgiac.jpgtrillium.jpgentee.jpgpkr.jpgriskassociates.jpgsynergiecontact.jpgghl.jpgnhs.jpgfirst-quantum.jpgdatamatx.jpgcuany.jpgcablewire.jpgnhs-bury.jpgwalmartecomm.jpgwescom.jpgmcr.jpgrosamond.jpgbowtie.jpghph.jpgnctm.jpgconcord.jpgpicturehouse.jpgtheatreroyal.jpgacucall.jpgwhynotleaseit.jpghampshire.jpgincdirect.jpgjdwetherspoon.jpgseapines.jpgodeon.jpgmarwoodgroup.jpgquann.jpghbl.jpgzamir.jpgredwood.jpgfamilylife.jpgduoboots.jpgkynetic.jpgnxgen.jpgpaypro-business.jpgpartnerships.jpgeTranzact.jpgepay.jpgvodafone.jpgkalmbachpublishing.jpggolubcapital.jpghc-services.jpgharbouritau.jpgfis.jpgboomerangsg.jpgrealec.jpgPenn-State-Uni.jpgunnorthcar.jpgtechnologypros.jpgvse.jpgbritish-museum.jpgcambridgeass.jpgucsandiego.jpgpayone.jpgcredimax.jpgaspen.jpgwestern-financial-group.jpgcare.jpgsoutheastvalley.jpgzen.jpgrnib.jpgcboss.jpgcua.jpgvmi.jpgTotal-Card.jpgSpanson.jpgharrods.jpgsajan.jpgorbcomm.jpgpma.jpgpotash.jpghandh.jpgwizzair.jpgonstar.jpgchanel.jpgxerox.jpgarmy.jpgtmnas.jpgdhl.jpgsymago.jpgsecureway.jpgcsmartlive-casino.jpgcentertheatre.jpgderivco.jpglark.jpgsky.jpgryanair.jpgopportune.jpgforeshore.jpgzap.jpgRed-Card-Systems.jpgcarrefour.jpgbnpparibas.jpgiridium.jpgkennethhagin.jpgBlackbird-Technologies.jpgwindsorandmaidenhead.jpgmagna-rewards.jpgnymbus.jpgScotRail.jpgsikorsky.jpghepsiburada.jpgwett.jpgticketmaster.jpgskipton.jpgbrightstar.jpgunionbank.jpgaciconn.jpgboomkat.jpgshi.jpgarqiva.jpgcolliercounty.jpgberkshireassociates.jpgdudley-nhs.jpgStandard-Hotel.jpgmtrgaming.jpgintuition.jpgAWA-Collections.jpgenmax.jpgsimmons.jpgageas.jpgretail-lockbox.jpgasociacioncibao.jpgeuroffice.jpglivetv.jpgclayco.jpgcreditadjustments.jpgovec.jpgcigna.jpgstjoe.jpgni.jpgspendvision.jpgbarton-cooney.jpgwhsmith.jpgnewlook.jpgpotashcorp.jpgvnpay.jpgxaxis.jpgraiffeisen.jpgsunchemical.jpgadvance2000.jpgcontinuum.jpghansen.jpgblaze.jpgkenneth-copeland.jpgmyriad-view.jpgRichland-Logistics.jpgsiconns.jpgfisherbioservices.jpgrnn.jpgpicinc.jpgpma-iss.jpgveolia.jpgbrocade.jpgdeluxe.jpggm.jpgrentatoll.jpgnafsa.jpgmathe.jpghp.jpgjohnsons.jpgduncansolutions.jpgideal.jpgjo-ann.jpgford.jpgtrustford.jpgAeriandi.jpgrayonier.jpgdeluxecorp.jpgShelby-County.jpgwestfield-state-university.jpgjack-wills.jpgstpeters.jpgaimia.jpgtravelodge.jpgbuilding-controls-group.jpgzenithbank.jpgdxc.jpguniversal-orlando.jpgbankofchina.jpgunifiedpayments.jpgbom.jpgMontrose-Travel.jpglivenation.jpgcollege-station.jpginss.jpghub_logo.jpgleidos.jpgbchdigital.jpg
USA Offices
New Net Technologies LLC
Naples
Suite #10115, 9128 Strada Place
Naples, Florida, 34108
Atlanta
1175 Peachtree St NE
Atlanta, Georgia, 30361.
Portland
4145 SW Watson, Suite 350
Beaverton, Oregon, 97005.

Tel: (919) 345-8350
email [email protected]
UK Office
New Net Technologies Ltd
Rivers Lodge, West Common
Harpenden, Hertfordshire
AL5 2JD

Tel: 01582 287310
email [email protected]
Connect
Google+ Linkedin Twitter - Change Tracker Facebook rss feed YouTube
Information
CIS benchmarking SEWP Cybersecurity 500Sans Institute Now Certified
Copyright 2018, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.