What is SOX ?

SOX - Sarbanes-Oxley

The Sarbanes-Oxley Act of 2002 protects investors by improving the accuracy and reliability of corporate disclosures made pursuant to the securities laws. One of the most significant provisions within Sarbanes-Oxley are the criminal and civil penalties that place executive management and the board of directors in the “hot seat.” Specifically, under Section 404 of the Sarbanes-Oxley Act, executives need to certify and demonstrate that they have established and are maintaining an adequate internal control structure and procedures for financial reporting.

Objectives to meet Sarbanes-Oxley compliance
Sarbanes-Oxley requires a new level of corporate governance and accountability. As a result, the vital role security information and event management (SIEM) plays in establishing and maintaining internal controls have never been greater. Companies must institute log monitoring and vulnerability assessments as a critical part of their IT internal control systems. Both domestic and international publicly-traded companies must comply with Sarbanes-Oxley. If you are a covered entity you must have methods to maintain audit trails and to log possible altering of electronic records. Network Intelligence has mapped best practices and reports to help organizations comply with audits under Sarbanes-Oxley Section 404.

For more details check http://www.network-intelligence.com/solutions/compliance/regulations/sarbanesoxley.asp