Meet SOX Compliance Requirements

Ensuring Transparency of Corporate Financial Operations

Accurate and Verifiable Corporate Disclosures

The Sarbanes-Oxley Act of 2002 (SOX) is a federal law that sets requirements for the boards and management of all U.S. publicly traded companies and for public accounting firms. The purpose of the legislation is to improve the accuracy and reliability of corporate disclosures.

Executive Responsibility, Corporate Audits

Sections 302 (“Corporate responsibility for financial reports”) and 404 (“Management assessment of internal controls”) are of particular interest to information professionals. Section 302 holds CEOs and CFOs personally responsible for disclosure accuracy, while Section 404 requires corporations to have their internal controls audited and reported annually to the SEC.

Real-Time Notification of Unusual Activity

Cygna Auditor's built-in and custom alerting notifies you of unusual activity, such as scripted permission changes or mass file updates typical of ransomware.

Monitor Relevant Group Membership

Review secured system access and keep it to a minimum with Cygna Auditor's group reports, which show the membership of secured system users and administrators.

Monitor Secured System Permissions

Keeping group membership current is only half the battle – you must ensure that permissions on secured systems stay the way they were intended. Cygna Auditor's permissions reports enable you to be sure access is correct.

Monitor Activity on Secured Systems

Cygna Auditor monitors all successful and failed data activity, such as file or folder creation, access, updates, and deletions, along with who made the changes and when they were made.

Examples of Addressed SOX Compliance Requirements

The Information Technology Governance Institute (ITGI) has used the COSO and COBIT frameworks to create a set of specific IT control objectives for SOX. The requirements below are examples of COSO / COBIT recommendations that apply to Cygna Auditor.

AI3.2: Infrastructure Resource Protection and Availability
AI6.5: Change Closure and Documentation
AI7.7: Final Acceptance Test
DS3.5: Monitoring and Reporting
DS4.3: Critical IT Resources
DS5.3: Identity Management
DS5.5: Security Testing, Surveillance and Monitoring
DS5.4: User Account Management
DS10.2: Problem Tracking and Resolution
DS13.3: IT Infrastructure Monitoring