Major SOX Sections
SOX Act of 2002
2015 ERP Software
Welcome to Sarbanes Oxley 101
The Sarbanes-Oxley Act of 2002, sponsored by Paul Sarbanes and Michael Oxley, represents a huge change to federal securities law. It came as a result of the corporate financial scandals involving Enron, WorldCom and Global Crossing. Effective in 2006, all publicly-traded companies are required to implement and report internal accounting controls to the SEC for compliance.
Is Your Organization SOX Compliant for 2015?
Provisions of the Sarbanes Oxley Act (aka SOX, SARBOX or S-O) detail criminal and civil penalties for noncompliance, certification of internal auditing, and increased financial disclosure. It affects public U.S. companies and non-U.S. companies with a U.S. presence. SOX is all about corporate governance and financial disclosure.
The Sarbanes Oxley Act requires all financial reports to include an Internal Controls Report. This shows that a company's financial data accurate and adequate controls are in place to safeguard financial data. Year-end financial dislosure reports are also a requirement. A SOX auditor is required to review controls, policies, and procedures during a Section 404 audit.
SOX auditing requires that internal controls and procedures can be audited using a control framework like COBIT. Log collection and monitoring systems must provide an audit trail of all access and activity to sensitive business information.
Sarbanes-Oxley also encourages the disclosure of corporate fraud by protecting whistleblower employees of publicly traded companies or their subsidiaries who report illegal activities. Section 806 of Sarbanes Oxley the Act authorizes the U.S. Department of Labor to protect whistleblower complaints against employers who retaliate and further authorizes the Department of Justice to criminally charge those responsible for the retaliation.