White Papers for Sarbanes-Oxley (SOX)

Sarbanes-Oxley Compliance and Identity and Access Management

Evidian

The Sarbanes-Oxley Act of 2002 (SOX) was passed in the wake of corporate scandals in which major companies’ financial reports failed to represent the severity of issues facing these companies. In reaction, SOX aims at restoring investors' confidence in public companies and in the credibility of their financial reporting.The part of SOX that most directly concerns IT security is Section 404, which aims at strengthening internal control over financial reporting, and in so doing, minimizing material weaknesses in the reporting process. Section 404 requires that audited reports which concerned companies file yearly at the SEC, known as 10K, include a section on the status and effectiveness of internal control over financial reporting. The Securities and Exchange Commission issued its final rule in August 2003 and specified the content of this section, as well as the general procedure to be used in this management assessment.

View the White Paper

Share or bookmarklet this web page at: