Sarbanes-Oxley Act Overview

The Sarbanes-Oxley Act is arguably the most well known of all recent regulatory changes impacting enterprises of all kinds. It was passed in July 2002 to restore investor confidence in the US public market after it was damaged by business scandals and lapses in corporate governance. As a result of SOX mandates, companies are taking measures to strengthen internal checks and balances and, ultimately, corporate accountability.

Several of the act’s sections can be supported by IT controls and the TIBCO LogLogic Compliance Suite:

  • Section 302 requires CFOs and CEOs to personally certify and attest to the accuracy of their companies’ financial results.
  • Section 404 establishes the need for internal controls based on a recognized control framework.
  • Section 802 sets criminal penalties for destroying records connected with control audits.
  • Section 409 defines requirements for real-time reporting of material events that could affect a company’s financial performance.

Determining which and how many controls constitute an effective internal control environment is made and evaluated by management within a company, but must be agreed to by an external auditor.