Compliance also encompasses the examination of the controls within an Information Technology infrastructure.
SOX Compliance across O/S, DB and Apps
In the US, the Sarbanes-Oxley Act of 2002 (SOX) was enacted in response to a number of major corporate and accounting scandals. Similar corporate governance has since become a requirement in Europe (E-SOX) and Japan (J-SOX). South African companies listed on stock exchanges overseas governed by SOX are also required to be complaint.
- RDB are certified specialists
- Knowledge management due to full documentation of the site
- Stable and predictable resource skills
- Elimination of frustrating HR issues
- Lower all-inclusive costs (no holidays, sick leave, bonuses & training)
- Elimination of single-point failure
- Proactive monitoring and alarm triggering
- Monthly site reports
- 24/7 stand-by with complete escalation procedures (optional)
- Direct access to RDB’s resources and superior technical skills
Examples of such controls as follows:
- Track or audit and report on changes at O/S, Database and Application level.
- Track and report on all changes occurring with a Change Control implementation.
- Account auditing and reporting
- Account sharing and reporting
Below are some infrastructure considerations:
- Audit Repository
- Individual Accountability on all tiers
- Database security lockdown
- Privileges and Role Control
- Software Access Control
- Server Lock Down
- Command Restriction
- Resource Restriction
- Resource Management
- Sign on and Password Security
- Implementation Control
- Data Refresh Procedures
- Non-Production Environment Security
RDB has compliance solutions at O/S, Database and Application level, and will implement auditing and reporting in all three tiers in order that they meet the stringent SOX requirements.