Welcome, Guest | Sign in
Become a Reseller

SOX:
  • What is SOX Compliance Act?

    The Sarbanes Oxley Act of 2002 is created as a result of to a number of major corporate and accounting scandals. These scandals, which cost investors billions of dollars when the share prices of affected companies collapsed, shook public confidence in the nation's securities markets.


  • Need for SOX Compliance

    It is mandatory for the public traded companies to report their internal audit structure to Securities and Exchange Commission (SEC). Non compliance to this act attract criminal penalties.


  • Role of IT in SOX Compliance

    Under section 404 of SOX compliance, management is required to produce an "internal control report". It must affirm the responsibility of management for establishing an adequate internal control structure and procedures for financial reporting.


    SOX Section 404 and other regulatory requirements specify that enterprises create and maintain detailed information about information flow and user access across entire enterprise networks. Centrally managed repositories of such information are also essential elements of effective Identity and Access Management and IT security architectures.


    It is the duty of IT to assure that authorized people conduct all financial transactions and data entry, and that all transactions get logged and tracked in ways that support comprehensive auditing. To meet these and other business requirements, IT executives must ensure that the Identity and Access Management (IAM) solutions at their enterprises deliver adequate levels of demonstrable, transparent compliance.


  • Role of Active Directory in SOX Compliance

    Active Directory is powerful and flexible, and enables and supports effective, policy-based management of "compliance-ready" IAM initiatives.


  • Using Active Directory

    • Deploy and enforce proper system configuration using Group Policy.
    • Enables centralized, policy-based, secure control and management of access,authentication, and authorization for IT users and resources.
    • Supports logs of privileged and exceptional operations related to the directory.


  • How to Audit SOX Compliance Using JiJi Active Directory Reports?

    Using JiJi Active Directory Reports, you can easily SOX audit your Active Directory. As part of the Sarbanes Oxley Act, the IT Management must know the security risk in their network. It is the duty of the IT Management to protect the system and information.

    Asses security risk

    • Using Password Policy Reports,get details of Default Domain Policy and Fine Grained Password Policies in your directory.Also get the members for the given Fine Grained Password Policy.
    • Use Account Lockout Policy Report, to view when the account will be locked out whenever invalid credentials are provided to access the account.
    • You can also find and remove Group without members.

    Data Protection

    • You can track the bad loggedon users attempts using Bad Logged on reports.
    • Get Inactive Users and Inactive Computers, and track their log on attempts for any malpractices.
    • Get Inactive Users/Inactive Computers / Disabled Users, and delete the unnecessary AD objects.
    • Get the user access across entire network using Security Reports.