SOX
Regulations and Compliance
The Sarbanes-Oxley Act of 2002 and associated rules
adopted by the Securities and Exchange Commission (SEC)
require certain businesses to report on the
effectiveness of their internal controls over financial
reporting. Effective internal controls ensure
information integrity by mandating the confidentiality,
privacy, availability, controlled access, monitoring and
reporting of corporate or customer financial
information.
Complying with
Sarbanes-Oxley
The changes required to ensure Sarbanes-Oxley
compliance reach across nearly all areas of a
corporation. In fact, Gartner Research went so far as to
call the Act "the most sweeping legislation to affect
publicly traded companies since the reforms during the
Great Depression." Since the bulk of information in most
companies is created, stored, transmitted and maintained
electronically, one could logically conclude that IT
shoulders a lion's share of the responsibility for
Sarbanes-Oxley compliance.
Enterprise IT departments are responsible for
ensuring that sound practices, including corporate-wide
information security policies and enforced
implementation of those policies, are in place for
employees at all levels. Information security policies
should govern:
- Network security
- Access controls
- Authentication
- Encryption
- Logging
- Monitoring and alerting
- Pre-planning coordinated incident response
- Forensics
These components enable information integrity and
data retention, while enabling IT audits and business
continuity.
Axcension provides a comprehensive solution to
Sarbanes-Oxley requirements as they relate to protecting
corporate financial information that is transmitted and
stored via email. Everything from message
privacy/encryption to email firewall and intrusion
protection to content filtering is included in our
solution. |
