5 Lessons Learned from the Sarbanes Oxley Act

Top Patch delivers information security products to reduce risk, increase data security and ensure compliance. TopPatch's Remediation Vault™ is the industry’s first peer-to-peer patch distribution product. Even with existing patch management solutions, Remediation Vault ensures completeness, coverage and speed so that vulnerabilities are patched before hackers can exploit them. With Remediation Vault, the software installed on Unix, Linux, BSD, OSX and Windows operating systems is kept up to date with the newest security patches.

TopPatch services include HIPAA/HITECH compliance management, PCI compliance management, intrusion detection/prevention systems, forensics, end-to-end data privacy compliance management, vulnerability assessment and management, log monitoring and management, FFIEC, GLBA, NCUA, NERC, and SOX compliance.

Published in: Business

  • 5 Lessons Learned from the Sarbanes Oxley Act

    1. 5 LESSONS LEARNED FROM THE SARBANES-OXLEY ACT
    2. Top Patch delivers information security products that reduce risk, increase data security and ensure compliance.
       • Remediation Vault™: first peer-to-peer patch distribution product.
       • Vulnerabilities patched before hackers can exploit them.
       • Unix, Linux, BSD, OSX and Windows OS protected with newest security patches.
       www.toppatch.com • Email: alex@toppatch.com • Twitter: @toppatch • ©TopPatch • All Rights Reserved • 349 Fifth Avenue, New York NY 10016, (646)
    3. 5 Lessons Learned from the Sarbanes-Oxley Act
       • Sarbanes-Oxley Act of 2002 (SOX)
       • Executives responsible for accuracy of financial statements
       • Responsible for internal controls to mitigate fraud and human errors
    4. 5 Lessons Learned from the Sarbanes-Oxley Act: 1) Don’t jump into documentation and testing before conducting a risk analysis
       • Firms spent millions of dollars to produce documentation on trivial controls and job descriptions.
       • Did not perform risk analysis.
       • Hefty costs could have been avoided.
       • Identify upfront which controls affect financial statements.
    5. 5 Lessons Learned from the Sarbanes-Oxley Act: 2) Do not rely on in-house tools to document controls
       • Internal controls should be IT-based rather than manual
       • Don’t rely on spreadsheets, etc.
    6. 5 Lessons Learned from the Sarbanes-Oxley Act: 3) SOX compliance is not an IT or auditing responsibility
       • It is a business management responsibility.
       • Difference between information security and IT.
       • Information security is everyone’s responsibility.
       • Business principals and executives need to own the monitoring or internal controls.
    7. 5 Lessons Learned from the Sarbanes-Oxley Act: 4) Segregate duties and access controls
       • Classic: use of same password by several employees
       • Hampers auditors, affects compliance
    8. 5 Lessons Learned from the Sarbanes-Oxley Act: 5) Seek outside expertise
       • Few companies have employees who can perform vulnerability assessment.
    9. Top Patch delivers information security products that reduce risk, increase data security and ensure compliance. Request a free trial of the Remediation Vault for Best-In-Class Patch Management.
       Alex • Email: alex@toppatch.com • (646) 664-4265 • 349 Fifth Avenue, New York, NY 10016 • www.toppatch.com • Twitter: @toppatch