Understanding the Sarbanes-Oxley Act
For accountants that deal with publicly owned companies, ensuring your IT infrastructure is SOX-compliant is a must—and having a simplified solution in place makes ongoing compliance easier to manage.
The Sarbanes-Oxley Act was adopted as law to ensure that investors have reliable data in which to make their financial decisions. The law was, in large part, a result of the accounting scandals that took place around the turn of the century including within publicly-traded organizations such as Enron, Tyco International, Adelphia, and WorldCom. These scandals cost investors billions of dollars and resulted in a widespread loss in confidence in American securities. To remedy this loss-of-confidence, the United States congress took swift measures in a bipartisan co-sponsored bill that amended the necessary processes that publicly traded companies reported revenue. The bill is named after its co-sponsors, Senator Paul Sarbanes (D-MD) and Representative Michael G. Oxley (R-OH) and was signed into law by President George W. Bush on July 30, 2002.
By upgrading fiscal reporting laws, many of which were over 60 years old, the Sarbanes-Oxley Act (as it was known upon ratification) changed the way that accountants were required to go about presenting information to the boards of publicly traded companies, and thus places an emphasis on IT to assist in accomplishing this task.
schedule a call today
- Fill in our quick form
- We’ll schedule an introductory call
- We’ll take the time to listen and plan the next steps
What is SOX Compliance?
SOX Compliance is the observation of the protocols mandated by the Sarbanes-Oxley Act.
The sprawling reform made it necessary to report all numbers to the Securities Exchange Commission (SEC) in an effort to cut back on corporate scandals that had been defrauding investors. IT was enacted as a few well known publicly-owned corporations were “cooking their books” in order to retain unjustifiably high stock prices, inflating the worth of their companies. When the fraud was realized, it was too late and billions of investment dollars were lost.
In regards to technology, a SOX-compliant infrastructure is the creation and maintenance of a secure computing system that allows for privacy for secure transfer of financial information directly to accountable parties (i.e. Company officers). The creation of this infrastructure must meet the requirements of a SOX third-party auditor. These auditors are hired at the expense of the organization that requires the audit.
SOX Compliance Questions
Some of the variables that SOX auditors look for in a compliant IT infrastructure:
- Is there an identity-based security system in place on the applicable framework?
- Do the right people have access to the right data?
- Are services isolated to ensure that a compromised service can’t compromise an otherwise compliant infrastructure?
- Does the IT framework or database provide the confidentiality required by Article 404 of Sarbanes-Oxley?
- Is there physical security in place for applicable servers?
- Is there a firewall protecting that server from the internet, with applicable alterations that are to be made specifically for SOX compliance?
- Are your connections to your server encrypted?
Conclusion
It’s true that the protection against the misrepresentation of revenue often lays on the shoulders of a company’s technology.
The IT professionals at SRS Networks can clarify network security and the role it plays in regulatory compliance. Our certified technicians can help you prepare for your SOX, HIPAA, or PCI DSS audit.
For more information on Sarbanes-Oxley compliance for accounting firms, call us today at (831) 758-3636.
5 Star Google Reviews
EXCELLENT Based on 15 reviews Posted on Google Amanda Gladin-KramerTrustindex verifies that the original source of the review is Google. Very responsive and assured tech support much appreciated at a crucially busy time at my office. Thanks SRS!Posted on Google Ana FigueroaTrustindex verifies that the original source of the review is Google. Very prompt and knowledgeable every time I’ve needed assistance. Andrea is the primary contact I have and she’s been so helpful and patient while fixing my issues.Posted on Google Sandee SegoviaTrustindex verifies that the original source of the review is Google. Great team to work with. Friendly, efficient, and fast!Posted on Google Omar RuizTrustindex verifies that the original source of the review is Google. ANDREA IS THE BESTPosted on Google Neto TorresTrustindex verifies that the original source of the review is Google. Andrea was amazing in helping to solve my issue and is always super nice in assisting with whatever we need.Posted on Google Ron ParravanoTrustindex verifies that the original source of the review is Google. I appreciated Mike's knowledge and patience!! 10 stars instead of five!!Posted on Google Yvonne JonesTrustindex verifies that the original source of the review is Google. Had a main issue that Andrea fixed very quickly, plus a couple more side issues! Professional and competent. Highly recommend.Posted on Google Lannette LozanoTrustindex verifies that the original source of the review is Google. Andrea was great solving my problems and made sure to check-in with me a couple of days after working on it.Posted on Google Nathalia CarrilloTrustindex verifies that the original source of the review is Google. SRS is always prompt in responding to requests for assistance!Verified by TrustindexTrustindex verified badge is the Universal Symbol of Trust. Only the greatest companies can get the verified badge who has a review score above 4.5, based on customer reviews over the past 12 months. Read more