Sarbanes-Oxley Act (SOX)
The Sarbanes-Oxley Act was introduced in July 2002, and thoroughly reformed rules on the corporate governance and reporting responsibilities of public companies. The Securities and Exchange Commission has set deadlines for compliance at 15th June 2004 for corporations with a total turnover of more than $75 million a year, and 15th April 2005 for smaller companies. Read on to find out how NGSSoftware's suite of security auditing tools can help your company achieve and maintain SOX compliance.
Section 404 of this act, entitled "Management Assessment of Internal Controls", deals with the responsibility of company management to maintain an internal control structure for financial data and reporting and to perform regular audits on this system. NGSSoftware's product suite of vulnerability scanners can perform penetration tests on all IT systems in an organisation and provide in-depth reports on vulnerabilities detected. This allows a corporation to carry out 'due diligence' checks of their IT assets, and provide an assessor with a list of the issues found and a projected timeline to achieve resolution in order to remain compliant with the law.
NGSSQuirreL, our family of database security scanners, is able to check the security of financial data held on the three most widely used DBMS solutions: Oracle, Microsoft SQL Server and IBM DB2. Our software simplifies the task of proving your IT infrastructure to be secure, and so greatly facilitates SOX compliance.
