Auditing is a major concern of any company. Every organization should comply with rules and regulations set forth by the US government. One such regulation is Sarbanes-Oxley Act which applies to Public Companies.

The Sarbanes-Oxley Act was enacted as a reaction to a number of Corporate and Accounting scandals. These scandals shook the confidence of the public because they cost investors millions of dollars when the share price of the affected companies collapsed.

This Act does not apply to privately held companies though.

The Sarbanes-Oxley Act was passed into law in 2002 to protect investors by improving the accuracy and reliability of corporate disclosures. The requirements of Sarbanes-Oxley are that a Public Company must have written policies and procedures that are followed to protect the interests of its stock holders. This law totally changed the standards of all US public company boards, management and public accounting firms.The SOX orders strict reforms to improve financial disclosures from corporations and prevent accounting fraud.

The Sarbanes-Oxley Act (SOX) requires that if a company records client personal information, it must be maintained in a secure manner. In the event any client’s personal information is compromised each client who may have been affected must be informed within a reasonable period of time.

The Act

• Creates a Public Company Accounting Oversight Board to enforce professional standards, ethics, and competence for the accounting profession

• Strengthens the independence of firms that audit public companies

• Increases corporate responsibility and usefulness or corporate financial disclosure

• Increases penalties for corporate wrongdoing

• Protects the objectivity and independence of securities analysts

• Increases Securities and Exchange Commission resources

Data Triage Technologies (DTT) provides confidential auditing services that comply with the Sarbanes-Oxley and ISO (1)7799. DTT’s consultants test and review Network Security policies and procedures and provide a detailed report addressing the security findings. Details of all work performed including testing and analysis of the network security situation is included in a comprehensive report and delivered to the client in a timely manner after completion of work.