SOX Compliance Software - Bsafe

Since the Sarbanes Oxley Act of 2002, a wealth of software products have come on to the market, designed to facilitate the implementation of the act or, in other words, to be in compliance with it (see What is compliance?).

Due to the background of events that led to Sarbanes-Oxley, namely executive interference with financial data, the misreporting of company financial status and the subsequent fall of several prominent companies, SOX's emphasis is squarely on financial control and executive responsibility. The most well known examples - Enron, Tyco and WorldCom - left their shareholders out of pocket and SOX came about largely to protect future shareholders from a similar fate. To this end, Sarbanes-Oxley contains requirements relating to a number of different categories including business processes, financial reporting and management or executive responsibility.

The SOX compliance software available includes an impressive selection of tools having a variety of different functions including compliance management software, streamlining organizational processes (e.g. corporate performance management, business intelligence, documentation management) and ensuring the safety and integrity of company information. The latter group is naturally aligned to information technology and includes SOX compliance software for security and auditing.

Bsafe Information Systems produces SOX compliance software for data security. These products target the SOX demands for internal controls that include the ability to protect information from unauthorized access and to be able to audit accesses made. The auditing requirements in SOX and other regulatory sources has given rise to a new category of products called security information and event management (SIEM) software, which can cross the borders between platforms and consolidate audit events from different types of computer in the enterprise.

Sarbanes-Oxley regulatory compliance software has been further enhanced by the steady rise in the number of security incidents such as data theft and malicious attacks on computer systems. Access control and intrusion detection software therefore clearly has a twofold benefit, helping to comply with SOX regulations and also providing tangible protection to the organization. Legacy information systems which have enjoyed sufficient built-in security functionality have been often found less secure with the vastly increased connectivity (TCP/IP) of the 21st century.

It is Section 404 that has had the biggest impact on SOX compliance software for data security. This section's outline mandate of ‘management assessment of internal controls' is the root of most electronic means of preventing fraud in financial data. When analyzed, SOX 404 compliance points to a need for internal controls including IT security mechanisms such as access control, backup, encryption and auditing. Section 409 makes still further auditing and reporting demands, mandating the company to disclose any information that indicates a change in the company's financial position.

Beyond purely technical controls a sound security policy is considered in SOX and other regulatory compliance areas to be a significant factor for SOX compliance software in security. Moreover, template-based policies and centralized management of such policies are gaining popularity.

Bsafe data security software and SOX compliance software solutions extend across different platforms and answer a variety of security and auditing requirements.