You should baseline your current compliance state and be prepared to show
progress towards full compliance. SOX is commonly applied with progressive
requirements year over year.

Additional sections of SOX require "timely monitoring and response" to issues
that may materially affect data used or relied upon to generate public financial
reports. In IT terms, you need to monitor your logs and respond to threats.
SIEM tools and Intrusion Detection and Prevention Systems (IDS/IPS) are commonly
inferred from "timely monitoring."

You must log and audit access to financial data and critical files used in the
preparation of public financial reports.