Are there holes in your SOX? (Sarbanes-Oxley compliance for public and private companies)

Summary:

Enron’s illicit transgressions and others like them in the late 1990s led to the creation of regulations to standardize the reliability of financial institutions and public companies. Companies facing SOX compliance will need to consider the following: What are best practice processes, how do these processes differ from existing practices, how should new processes be implemented, and how can short-term processes be balanced with “longer term strategic goals”?

– – – – – – – – –

A world before SOX:

The corporate world had a rude awakening after a series of well-publicized corporate financial scandals. Many stories of embezzled corporate dollars emerged in the late 1990s involving companies like Enron, Tyco, and WorldCom. The legislation soon responded to the multitude of serious transgressions committed by the top management of the business world.

The offenses committed by these industry bosses ranged from extravagant multi-million dollar trips to exotic locales and large private gifts to spouses to shuffling company funds to fund other investments. The corporate world needed to be held accountable for its misdeeds. SOX (the Sarbanes-Oxley Act), or the Public Company Accounting Reform and Investor Protection Act of 2002, came into being to improve corporate governance and help control possible future misdeeds.

The Sarbanes-Oxley Act of 2002 requires publicly traded entities to define, evaluate, and document the processes that lead to senior management accountability. SOX requires that substantial audits or verification controls be in place to ensure that top management is held accountable for its financial actions.

Why should private companies care about SOX?

While SOX applies directly to publicly traded companies, private companies wishing to do business with companies listed in places like NASDAQ must also comply with Sarbanes-Oxley.

Many large public corporations will simply refuse to do business with private companies that do not comply with SOX. Private companies that want to do business with large public entities are now also involved in a SOX-compliant landscape.

SOX affects a wide range of industries that “touch” the information of publicly traded companies, including but not limited to:

  • Lawyers
  • Accountants and audit firms who review the financial statements of the company.
  • Brokers or distributors and their employees
  • Security companies that handle electronic transactions
  • International companies operating in the United States

Acceptance of SOX by private companies is not a problem, as “73% of CEOs of private companies said that SOX has done at least a decent job to improve financial governance and transparency for public companies” (1).

Who is responsible for compliance with SOX communications?

SOX requires that incoming and outgoing correspondence be controlled. Depending on the structure of the company, communication exchanges may be overseen by Chief Compliance Officers (CCOs), Chief Information Officers (CIOs), and Chief Risk Officers (CROs). These executives are responsible for the security, accuracy, and reliability of the organization’s messaging and reporting systems.

Personal care organizations have policies set by their senior officials that describe what information may or may not be communicated outside of a department and outside of the organization. While these rules exist, companies often do not take the necessary steps to ensure that employees within the organization understand these rules and their importance.

What are the key elements of SOX related to electronic data storage and email security?

  • SOX Section 404: Spreadsheets and financial reports must be protected against accidental or deliberate falsification or redistribution.
  • SOX Section 409: Real-time disclosure of material affecting company finances must be reported within 48 hours.
  • SOX Section 802: Ensures that documents and records are not tampered with
  • SOX Section 1102: Corrupting, tampering, mutilating, destroying or concealing records are violations. Those guilty of obstructing an investigation or official proceeding will face 20 years in prison and fines.

The Sarbanes-Oxley Act focuses on the corporate governance, liability, and reporting practices of publicly traded companies. However, the law also affects private companies that could one day go public and those that do business with publicly traded companies.

What are the holes in your SOX compliance?

While sharing information online is a convenient e-commerce luxury, it also creates great vulnerability as information, data, and correspondence are exchanged from business to business. Email and data sharing can raise privacy and SOX compliance issues.

This erratic misuse of company information is not unique to US companies. The staff of 18% of large UK companies gained unauthorized access to information during 2005, according to the report. Nine percent of these large companies saw their staff misuse restricted information. (2)

How can your company sew its SOX holes?

Executive management seeking to comply with SOX must have the strength and commitment to strategic planning and execution of the directives of the Sarbanes-Oxley Act. The CEO, CFO, CCO / CRO and CIO of the company must cooperate and have exacting attention to detail when establishing policies to comply with SOX. The need to create and implement strong email and electronic data retention policies and online compliance with SOX has never been greater than in today’s fast-changing world of electronic business.

Email is not necessarily secure against interception. Whether or not the email is encrypted in transmission depends on your software. Therefore, our policy is not to send you emails that contain identifiable information about you, your home, or your business.

Andy Purdy, Acting Director of the National Cyber Security Division of the Department of Homeland Security, in a 2006 interview with CNET, identifies the importance of protecting a company’s important digital assets:

“Small and large businesses and government are important when it comes to reducing cyber risk. We are trying to educate partners on responsibility and the techniques that consumers can use to help protect their systems …”(3)

Before Sarbanes-Oxley, corporations saw gross abuse of executive power at the cost of serious business growth. Today, severe criminal and civil penalties will be imposed for violations of the securities law against companies that do not comply with SOX standards.

How can private companies thrive in today’s field of email connection, while still being SOX compliant? Introducing strong compliance policies in line with SOX, including firewalls, up-to-date virus protection, encryption, and email anti-theft measures, can help a company work cooperatively with publicly traded companies.

Benefits of email anti-theft software

Implementing email theft protection enables a business to grow in credibility, reputation, and trust; all the factors that lead to an increase in clientele and income.

With security measures to maintain business correspondence and protect outgoing email, SMBs can be prudent with their technology budgets and well-armed with the tools and resources necessary to comply with the industry. Customers will feel more secure sharing their personal information with compatible SMB offices, paving the way for better and more secure communication.

– – – – – – – – – – –

Final notes:

1.) Rob Preston, “Time to Regulate Regulations,” InformationWeek, Feb. 27, 2006, pg. 78.

2.) BBC News, “Business Lax in Safeguards Against Identity Theft,” March 16, 2006, BBC Online; URL: http://news.bbc.co.uk/2/hi/technology/4809262.stm

3.) Joris Evers, “Newsmaker: Locking down America’s Net defense,” February 16, 2006, CNET News.com; URL: http://news.com.com/Locking+down+Americas+Net+defenses+-+page+2/2008-7348_3-6040223-2.html?tag=st.num
