The Sarbanes Oxley Act of 2002, also known as the ‘Public Company Accounting Reform and Investor Protection Act’ and ‘Corporate and Auditing Accountability and Responsibility Act’, and more commonly called Sarbanes–Oxley, Sarbox or SOX, is a United States federal law that set new or enhanced standards for all U.S. public company boards, management and public accounting firms.
Under Section 404 of the Act, management is required to produce an “internal control report” as part of each annual Exchange Act report. The report must affirm “the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting”. The report must also “contain an assessment, as of the end of the most recent fiscal year of the Company, of the effectiveness of the internal control structure and procedures of the issuer for financial reporting.” To do this, managers are generally adopting an internal control framework such as that described in COSO.
The reality of the Sarbanes-Oxley Act is that each public company needs to develop an individualized approach to reporting and compliance.
Deepnet security solutions can be used to help close a number of common gaps identified on the path to Sarbanes-Oxley Section 404 compliance.
- Secure Identity Management
- Identity provisioning
- Policy-based access control
- Strong authentication
- Data Protection & Integrity