Sarbanes-Oxley Act (SOX) of 2002 report

This report displays Sarbanes-Oxley issues found on your site. Many web application vulnerabilities might lead to security breaches of personal information, directly or indirectly, and might be considered as violations of the regulation.

Why it matters

Experts say that the Sarbanes-Oxley Act (SOX) is the most important milestone affecting corporate governance since the Securities Act of 1934. Its aim is to lift the standard for publicly traded companies and to protect investors by improving the accuracy and reliability of corporate disclosures.

The actual challenge of SOX is ensuring that compliance can be demonstrated and accurately monitored and reported. The most common area of focus is the archiving of all communications and the creation of transparent and auditable systems for recording transactions, dealings and any kind of business correspondence.

Section 404 holds managers responsible for maintaining internal controls and procedures for financial reporting; and demands that auditors attest to the management's assessment of these controls and disclose any weaknesses.

Best practices for complying with SOX

Identify and monitor risks
Establish effective internal controls
Use secure coding practices
Test web applications for potential security breaches before deployment