In this article, Microsoft security guru Russell Smith provides an overview of the requirements of SOX and how Defendpoint helps organizations achieve compliance.
In response to major accounting scandals such as those that affected Enron, Sarbanes-Oxley (SOX) was passed into US law in 2002. Put simply, it requires that public companies verify the accuracy of their financial information. Specifically, SOX section 404 states that organizations must demonstrate confidence in IT systems that store, transport and process data.
The Act itself doesn't determine what internal controls organizations should use, but COBIT (Control Objectives for Information and Related Technology) outlines best practice and is the most commonly adopted framework by IT departments to meet SOX compliance.