WHITEPAPER

The Sarbanes-Oxley Act of 2002 was enacted to protect investors and clients from fraudulent corporate practices, in response to a number of accounting and financial scandals. These scandals cost investors billions of dollars and shook public confidence in the US markets. The law applies to all US public company boards as well as public accounting firms.

From Financial Reporting to Cyber Security: Expanding SOX Compliance

• What IT Systems are In Scope?
  Companies should perform an analysis to identify systems critical to financial reporting, prioritizing those with access to sensitive financial data, including common IT systems such as servers, workstations, and databases.
• Section 302: CEO/CFO Certification:
  Executives are required to certify the accuracy of financial reports and ensure that effective internal controls over financial data are in place. IT systems and cybersecurity protocols directly affect the trustworthiness of financial data and organizations must ensure proper controls are operational across these systems and processes.