Electronic Records, Electronic Documents, Digital Signatures
Source: SoluSoft Technology
The SOX requirements create an impact on corporate IT systems, practices and controls. It specifically affects data center operations, system software maintenance, application development and maintenance, business continuity and application software integrity. The critical area of IT control where the relevance of SOX is particularly high is in the control over application access through the use of identity and access management (IAM) processes and technologies. The SOX legislation itself does not provide specific guidelines as to what is or is not an effective internal control. However, to provide some guidance to companies required to comply with SOX, the SEC identified the internal control framework developed by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) as one framework that meets its criteria.