The Sarbanes-Oxley Act of 2002 (SOX) was passed due to the accounting scandals at Enron, WorldCom, Global Crossing, Tyco and Arthur Andersen, that resulted in billions of dollars in corporate and investor losses. These huge losses negatively impacted the financial markets and general investor trust. SOX mandates a wide-sweeping accounting framework for all public companies doing business in the United States.
SOX itself is organized into eleven sections, but sections 302, 404, 401, 409, 802 and 906 are the most important in terms of compliance. More specifically, SOX established new accountability standards for corporate boards and auditors, established a Public Company Accounting Oversight Board (PCAOB) under the Security and Exchange Commission (SEC), and specified civil and criminal penalties for noncompliance.
If applicable, a company must establish a financial accounting framework that can generate financial reports that are readily verifiable with traceable source data. This source data must remain intact and cannot undergo undocumented revisions. In addition, any revisions to financial or accounting software must be fully documented as to what was changed, why, by whom and when.
Secure Controls Framework (SCF)
Secure Controls Framework (SCF) "Premium Content" - Expertise-Class Policies, Control Objectives, Standards, Guidelines, Controls & Metrics. Product Walkthrough Video This short product walkthrough video is designed to give a brief overview about...
ComplianceForge is very pleased to announce it is now a Secure Controls Framework Licensed Cont...
The NIST Cybersecurity Framework (NIST CSF) is commonly used “cybersecurity best practice” for organ...
Cybersecurity Supply Chain Risk Management (C-SCRM) is the process of identifying, assessing and mit...
Determining the scope of controls (e.g., assessment boundary) is different than determining control...
