Understanding the Sarbanes-Oxley Act

For accountants that deal with publicly owned companies, ensuring your IT infrastructure is SOX-complaint is a must.

The Sarbanes-Oxley Act was adopted as law to ensure that investors have reliable data in which to make their financial decisions. The law was, in large part, a result of the accounting scandals that took place around the turn of the century including within publicly-traded organizations such as Enron, Tyco International, Adelphia, and WorldCom. These scandals cost investors billions of dollars and resulted in a widespread loss in confidence in American securities. To remedy this loss-of-confidence, the United States congress took swift measures in a bipartisan co-sponsored bill that amended the necessary processes that publicly traded companies reported revenue. The bill is named after its co-sponsors, Senator Paul Sarbanes (D-MD) and Representative Michael G. Oxley (R-OH)\ and was signed into law by President George W. Bush on July 30, 2002.

By upgrading fiscal reporting laws, many of which were over 60 years old, the Sarbanes-Oxley Act (as it was known upon ratification) changed the way that accountants were required to go about presenting information to the boards of publicly traded companies, and thus places an emphasis on IT to assist in accomplishing this task. Since the law calls for dynamic reporting requirements to be put in place, including pro-forma figures, stock transactions of corporate officers, and off-balance-sheet transactions, computing was to play a larger role than ever in the execution of proper oversite under the Sarbanes-Oxley Act.

What is SOX Compliance?

SOX Compliance is the observation of the protocols mandated by the Sarbanes-Oxley Act.

The sprawling reform, made it necessary to report all numbers to the Securities Exchange Commission (SEC) in an effort to cut back on corporate scandals that had been defrauding investors. IT was a enacted as a few well known publicly-owned corporations were “cooking their books” in order to retain unjustifiably high stock prices, inflating the worth of their companies. When the fraud was realized, it was too late and billions of investment dollars were lost.

In regards to technology, a SOX-compliant infrastructure is the creation and maintenance of a secure computing system that allows for privacy for secure transfer of financial information directly to accountable parties (i.e. Company officers). The creation of this infrastructure must meet the requirements of a SOX third-party auditor. These auditors are hired at the expense of the organization that requires the audit.

SOX Compliance Questions

Some of the variables that SOX auditors look for in a compliant IT infrastructure:

  • Is there an identity-based security system in place on the applicable framework?
  • Do the right people have access to the right data?
  • Are services isolated to ensure that a compromised service can’t compromise an otherwise compliant infrastructure?
  • Does the IT framework or database provide the confidentiality required by Article 404 of Sarbanes-Oxley?
  • Is there physical security in place for applicable servers?
  • Is there a firewall protecting that server from the internet, with applicable alterations that are to be made specifically for SOX compliance?
  • Are you connections to your server encrypted?

Conclusion

It's true that the protection against the misrepresentation of revenue often lays on the shoulder of a company's technology.

The IT professionals at Gatun Technologies can clarify network security and the role it plays in regulatory compliance. Our certified technicians can help you prepare for your SOX, HIPAA, or PCI DSS audit.

For more information on Sarbanes-Oxley compliance for accounting firms, call us today at (844) 567-2540.

Years experience

0+

Years experience
Certified experts

0

Certified experts
End user satisfaction

0%

End user satisfaction
Global reach

0countries

Global reach
Service desk

024/7

Service desk

Our Managed IT services will help you succeed. Let’s get started

Solutions

Comprehensive IT services include

  • router-1807_67aa302b-3a94-46a7-aa3d-66b8928a87d7

    Network

    Cloud services are network dependent, which is why NanoSoft network management and monitoring services have become critical to IT.

  • telephone-operator-4682_c9489618-836b-47ec-8489-e15f613cb10c

    Service desk

    NanoSoft 24/7 support is about maximising service efficiency, resolving problems and driving continuous service improvement.

  • computer-network-1878_39828809-88f9-48e1-9a76-61c99401ec99

    Infrastructure

    NanoSoft ensures your IT infrastructure is always optimised to support the stable and highly available services organisations demand.

  • settings-server-1872_2e41baf2-8789-4215-b430-db35c3899936

    Endpoint management

    Client and server endpoints are managed as one estate, ensuring security and stability while maximising uptime and employee productivity.

  • source-code-1754_2b435bd8-ce76-4910-8137-7d07a3557fa3

    Applications

    NanoSoft supports Software as well as on-premise deployments, ensuring applications are always optimised for the best possible user experience.

  • add-image-5030_dcf585b8-8f3d-48ad-8579-a4ad56d14ba6

    Managed services plus

    NanoSoft provides advanced management tools to clients who want to take their IT Service Management to a higher level.

Benefits

Our services provide a unique range of benefits

  • Control IT Costs

    You can scale your IT Costs according to your requirements and only pay for what you need. Whether that be increasing or decreasing staff, or IT project work.

  • Trusted IT advisor

    Through regular account management meetings your Managed IT service company will be able to oversee your overall IT roadmap and become your trusted advisor.

  • Economy of scale

    As your business grows, its support structure needs to grow, too. When you use a managed IT service you can scale your business up or down with nothing more than a simple discussion.

  • Increased efficiency

    You’ll have your IT needs outsourced to a team of IT experts, and during times where you need additional project support, your managed IT provider supplies the extra staff.

  • Small initial investment

    Managed IT services help you offset the initial investment of technology costs. Rather than spending thousands of dollars on hardware and software upfront.

Stop wasting time and money on technology. Let’s get started

NanoSoft are always accommodating our diverse needs and we feel like they are a part of our company rather than an external supplier.
John H. Bedard, Jr
Pricing and Plan

1 monthly fee for all IT services. No costly surprises