The Sarbanes-Oxley Act's (SOX) broad category of "assets" requiring protection includes digital assets such as computer program source code, trade secrets, corporate financial information, patient records, and any other category of sensitive information where unauthorised disclosures could may have a negative impact on the company's stock price or its financial integrity. Organisations are required to closely monitor the usage of those digital assets and be able to detect such events in real time or near real time.
Senior financial management is required to implement internal controls to:
"provide reasonable assurance regarding prevention or timely detection of unauthorised acquisition, use or disposition of the registrant’s assets that could have a material effect on the financial statements."
( United States Security and Exchange Commission - Regulation 13A)
|
The provisions of SOX and other laws such as Gramm-Leach-Bliley Act (GLBA), California SB 1386 and the Health Insurance Portability and Accountability Act (HIPAA) of 1996 directly affect IT management professionals including Chief Information Officers (CIOs), Chief Information Security Officers (CISOs) and Chief Risk Officers (CROs). These laws contain specific provisions mandating the protection of sensitive content and establishing penalties for its unauthorised disclosure.
Code Green Networks Helps Protect Digital Assets
The Code Green Networks Content Inspection (CI) Appliance is an integrated and self-contained system designed to help senior IT professionals mitigate the risk of unauthorised disclosure of sensitive digital assets. This powerful and quick-to-deploy solution inspects content flow at your network's egress point and identifies sensitive information being transmitted. It can help you:
- Automate internal controls to protect proprietary content and intellectual property.
- Demonstrate reasonable assurance of efforts to protect confidential information.
- Ensure that private customer and personnel files remain private.
- Detect information leakage points and close them.
- Block unauthorised transmission of sensitive information.
- Monitor content transmissions and provide an audit trail of such transmissions for regulatory purposes.
To find out more about why content protection controls are important for SOX compliance, download the whitepaper "Improving Sarbanes-Oxley Internal Compliance with Effective Content Protection Controls." This white paper is written by SOX consultant Robert Moeller, who is the author of "Sarbanes-Oxley and the New Internal Auditing Rules."
|
