SOX / COBIT

Sarbanes-Oxley (SOX), Japanese Sarbanes-Oxley (JSOX), and Canada's Bill 198 were enacted to ensure that financial reports of public companies are accurate and reliable. These laws mandate that public companies maintain internal controls around financial reporting and disclosure. COBIT is the predominant framework used to assess SOX compliance.

SignaCert solutions enable IT organizations to demonstrate compliance with SOX by generating an audit trail proving that internal change control processes are being followed

SignaCert solutions enable IT organizations to demonstrate compliance with these regulations by generating an audit trail proving that internal change control processes are being followed. By ensuring that only approved and documented changes are being deployed to financial reporting systems, SignaCert solutions dramatically reduce the cost of audits, while providing a predictable and stable IT environment.

SignaCert solutions prove compliance by:

Detecting and alerting when unauthorized changes are made to monitored systems
Providing evidence of change controls for SOX compliance
Generating reports that demonstrate historical SOX compliance

A sample of COBIT controls for SOX compliance covered by SignaCert solutions include:

DS 5.3
Identity Management
DS 5.4
User Account Management
DS 5.5
Security Testing, Surveillance and Monitoring
DS 5.7
Protection of Security Technology
DS 5.8
Cryptographic Key Management
DS 9.2
Identification and Maintenance of Configuration Items via Change Detection