Achieving Sarbanes-Oxley Compliance with Security Testing.
Sarbanes-Oxley (often referred to as SOX) was enacted in 2002 to prevent financial statement fraud amongst US public companies. Although the act focuses on financial auditing, accounting and reporting, it also looks at risk and risk management. The Sarbanes-Oxley Act makes company executives responsible for establishing, evaluating and monitoring financial reporting controls. Penalties for non-compliance can include fines of up to $5 million, and imprisonment for the organization's executives.

Under section 404 of the Sarbanes-Oxley Act, companies are required to preserve the integrity of financial data. To meet this requirement, a series of controls was defined by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). These controls recommend that organizations undertake formal risk assessments to identify vulnerabilities, threats and impacts associated with the confidentiality, integrity and availability of IT systems.
Nettitude provides penetration testing, vulnerability assessment, social engineering and code review services to help organisations identify their risks. Once risks have been identified, Nettitude provides strong remediation advice and guidance. This can include modifications to technology and application code, as well as improvements in policy, process and working practices.
To find out more about how Nettitude delivers risk assessments as part of Sarbanes-Oxley compliance, please complete our contact form and a security consultant will respond to your enquiry.