Although information security is not mentioned specifically by SOX, the integrity of the data access chain is central to compliance, and thus quality infosec is a crucial element for success on multiple levels.
Simply stated, SOX requires publically traded companies to prove they are in compliance with financial and accounting reporting requirements, and that the data used in that reporting is accurate.
Controls are what information security has to bring to the table, from network security and database integrity to access controls, event logging, file corruption, authentication issues and more.
Beyond just implementing controls, companies also need to be able to provide an assessment of the effectiveness of those controls in protecting information systems - this is where secure IT comes into play.
The simple fact is that publically traded companies are almost wholly dependent upon electronic information technologies and both the producers of the financial data and the auditors of that data depend on system integrity to demonstrate SOX compliance.
SOX compliance best practice requires a new level of cooperation between IT, legal, executives and risk management staff. Developing effective enterprise policies is a dynamic process that requires ongoing review and improvement efforts.
Attending the 20th Edition SOX Compliance & Evolution to GRC Conference is an effective way to learn about the intricacies of effective SOX compliance from senior leadership at some of the nation's largest companies.
This conference, held November 4-5, 2010 in Philadelphia, PA, will provide SOX practitioners and information security specialists a unique opportunity to explore the future of SOX compliance, including how to create and manage a successful global SOX strategy while integrating enterprise-wide GRC efforts.
Attendees will gain exclusive insights into how developing multiple levels of control sign-off, formalizing reporting standards, strengthening internal checks, and ensuring that financial reports exercise full disclosure that will guarantee that your corporate governance is managed with precision.
Building on a series of successful SOX conferences, Marcus Evans and Infosec Island invite all those who are involved with Sarbanes-Oxley Compliance or Corporate Governance at their organizations to attend this premier event.
Keynote speakers and presenters for this conference include top leadership from Ryder, WalMart, Covidien, Ericsson, AstraZeneca, Medtronic, Wilmington Trust, Mohawk Industries and more.
Key Features of the Conference:
Microsoft moved to the cloud in 2014, and, as a result, Office 365 is taking off. Now, Okta customers are connecting to Office 365 in increasing numbers. This eGuide explains why IT departments should plan and deploy solutions around identity and mobility management in concert with their Office 365 roll out to get maximum user adoption. more
For most companies, Active Directory (AD) or Lightweight Directory Access Protocol (LDAP) play a central role in coordinating identity and access management policies. When on-premise applications are integrated to Active Directory or LDAP, users get the best possible experience. That's why Okta's cloud-based identity and access management service provides a highly useful single integration point. more
In the 1980s and 1990s, business applications and data were largely confined within and protected by a Local Area Network (LAN). The 2000s introduced a significant change. Download this white paper now to learn why the shift to the cloud is changing how companies think about and manage their IT infrastructure. more
With more and more businesses adopting Software-as-a-Service (SaaS) applications, enterprise IT is fundamentally changing. This whitepaper presents the eight biggest Identity and Access Management (IAM) challenges associated with adopting and deploying cloud and SaaS applications, and discusses best practices for addressing each of them. more