The Sarbanes Oxley Act of 2002 is created as a result of to a number of major corporate and accounting scandals. These scandals, which cost investors billions of dollars when the share prices of affected companies collapsed, shook public confidence in the nation's securities markets.
It is mandatory for the public traded companies to report their internal audit structure to Securities and Exchange Commission (SEC). Non compliance to this act attract criminal penalties.
Under section 404 of SOX compliance, management is required to produce an "internal control report". It must affirm the responsibility of management for establishing an adequate internal control structure and procedures for financial reporting.
SOX Section 404 and other regulatory requirements specify that enterprises create and maintain detailed information about information flow and user access across entire enterprise networks. Centrally managed repositories of such information are also essential elements of effective Identity and Access Management and IT security architectures.<
It is the duty of IT to assure that authorized people conduct all financial transactions and data entry, and that all transactions get logged and tracked in ways that support comprehensive auditing. To meet these and other business requirements, IT executives must ensure that the Identity and Access Management (IAM) solutions at their enterprises deliver adequate levels of demonstrable, transparent compliance.
Active Directory is powerful and flexible, and enables and supports effective, policy-based management of "compliance-ready" IAM initiatives.
Using JiJi Active Directory Reports, you can easily SOX audit your Active Directory. As part of the Sarbanes Oxley Act, the IT Management must know the security risk in their network. It is the duty of the IT Management to protect the system and information.