Put SOX on Automatic: Use Tools for Compliance

The tools to accurately audit the relationships among computing resources on an ongoing basis have only recently become available.

For years IT organizations have put process-control technologies like configuration management databases or change control systems on their budgetary wish lists. They were always told the same thing: “It is not a priority, maybe next year.” In walks the federal government to change all of that. The Sarbanes-Oxley Act of 2002 (SOX) tackles the integrity of the financial-reporting process for publicly traded companies. SOX outlines civil and criminal penalties for enterprise officers and external auditors if financial information is not accurate and complete. That got people’s attention.

See full Article.