Data Integrity: The Intersection of Infosec and SOX

Updated: September 13, 2010

Although information security is not mentioned specifically by SOX, the integrity of the data access chain is central to compliance, and thus quality infosec is a crucial element for success on multiple levels.

Simply stated, SOX requires publically traded companies to prove they are in compliance with financial and accounting reporting requirements, and that the data used in that reporting is accurate.

Controls are what information security has to bring to the table, from network security and database integrity to access controls, event logging, file corruption, authentication issues and more.

Beyond just implementing controls, companies also need to be able to provide an assessment of the effectiveness of those controls in protecting information systems - this is where secure IT comes into play.

The simple fact is that publically traded companies are almost wholly dependent upon electronic information technologies and both the producers of the financial data and the auditors of that data depend on system integrity to demonstrate SOX compliance.

SOX compliance best practice requires a new level of cooperation between IT, legal, executives and risk management staff. Developing effective enterprise policies is a dynamic process that requires ongoing review and improvement efforts.

Attending the 20th Edition SOX Compliance & Evolution to GRC Conference is an effective way to learn about the intricacies of effective SOX compliance from senior leadership at some of the nation's largest companies.

This conference, held November 4-5, 2010 in Philadelphia, PA, will provide SOX practitioners and information security specialists a unique opportunity to explore the future of SOX compliance, including how to create and manage a successful global SOX strategy while integrating enterprise-wide GRC efforts.

Attendees will gain exclusive insights into how developing multiple levels of control sign-off, formalizing reporting standards, strengthening internal checks, and ensuring that financial reports exercise full disclosure that will guarantee that your corporate governance is managed with precision.

Building on a series of successful SOX conferences, Marcus Evans and Infosec Island invite all those who are involved with Sarbanes-Oxley Compliance or Corporate Governance at their organizations to attend this premier event.

Keynote speakers and presenters for this conference include top leadership from Ryder, WalMart, Covidien, Ericsson, AstraZeneca, Medtronic, Wilmington Trust, Mohawk Industries and more.

Key Features of the Conference:

Review innovative approaches for the successful launch and maintenance of a control self-assessment initiative
Formulate methodologies to align senior management attention with the most pressing compliance priorities
Ascertain the role a cross application of controls will have for the evolution of SOX programs
Realize the necessity of a structured training and continuing education curriculum to ensure consistent performance of SOX controls and integrated GRC efforts

Related Categories

Featured Research

SolarWinds MSP; Digimite Technology

more
Five Cyberthreats that Slip Past Traditional Antivirus

more
The Art of Organizing and Simplifying IT Support

Any operational business model relies heavily on IT support and the help desk to achieve maximum uptime for all IT systems. This white paper addresses ways for help desk analysts and IT support staff to easily and efficiently handle their workload by simplifying and automating processes to increase time and operational cost savings, enhance productivity, and boost customer satisfaction. more
2020 Wheelhouse Buyer’s Guide to APIs

more
2020 Security Software Buyer’s Guide

more