Sarbanes-Oxley (SOX) Act
SOX compliance is the act of adhering to the financial reporting, information security and auditing requirements of the Sarbanes-Oxley (SOX) Act, a US law that aims to prevent corporate fraud.
- Implement internal controls to protect financial data from tampering.
- File regular reports with the Securities and Exchange Commission (SEC) attesting to the effectiveness of security controls and the accuracy of financial disclosures.
- Pass an annual independent audit of their financial statements and controls.
The SOX Act also sets rules for the accounting firms that audit public companies and the analysts who publish research on securities. The act imposes significant fines and criminal sentences for fraudulent financial activities and certain forms of noncompliance.
While SOX is a financial regulation, stakeholders throughout the organization are involved in achieving compliance. IT departments and cybersecurity teams have become particularly important as organizations increasingly turn to technology solutions to protect financial information in complex enterprise networks.
For more information, see https://sarbanes-oxley-act.com/.