Sarbanes Oxley (SOX) IT & Website Security Compliance
The Sarbanes-Oxley Act was enacted in 2002, and put rules in place for how corporations need to store records and the length of time for which they need to do so. The act was initially inspired by the fraudulant activities of large companies such as Enron and WorldCom, and the financial scandals that ensued.
Putting in place information access controls and keeping records secure but available is not necessarily a walk in the park, but if you have the right team on your side you can become compliant and avoid any nasty legal situations.
What Sarbanes Oxley Means For Your IT
So, while SOX was implemented because of financial issues, the security comes down to a matter of IT in many instances. This means that your IT department needs to develop its systems to be in tune with the regulations around record storage.
Section 404 states:
- State the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting
- Contain an assessment, as of the most recent fiscal year of the issuer, of the effectiveness of the internal control structure and procedures for the issuer for financial reporting
Your company must implement access and integrity controls on financial information, as well as system monitoring and audit trails.
The requirements for SOX compliance are fairly standard as far as IT security goes:
- User authentication
- Password management
- Access controls
- Input validation
- Exception handling
- Secure data storage and transmission
- Monitoring and alerting
- System hardening
- Change management
- Application development
- Periodic security assessments and audits
Sarbanes Oxley was enacted in order to put strict rules around how IT departments and companies handle sensitive financial information. To ensure your company is in line with these standards, work with a trusted partner to develop a compliant web solution.
Work With World Class Developers, Get Started Today!
Most if not all of Clarity's success can be attributed to the level of talent that we bring on year in and year out. When you work with Clarity to improve your company's web systems, you can feel rest assured that you are in the hands of industry experts and some of the most capable individuals in the industry. You can learn more about our team here.
Call us or fill out our request form to speak with our consultants today!