SOX Compliant Hosting

Overview – The Sarbanes-Oxley Act of 2002 (often shortened to SOX) is legislation passed by the U.S. Congress to protect shareholders and the general public from accounting errors and fraudulent practices in the enterprise, as well as improve the accuracy of corporate disclosures. The U.S. Securities and Exchange Commission (SEC) administers the act, which sets deadlines for compliance and publishes rules on requirements. The Sarbanes-Oxley Act was enacted in response to a series of high-profile financial scandals that occurred in the early 2000s at companies including Enron, WorldCom and Tyco that rattled investor confidence. The act, drafted by U.S. Congressmen Paul Sarbanes and Michael Oxley, was aimed at improving corporate governance and accountability. Now, all public companies must comply with SOX. The Sarbanes-Oxley Act not only affects the financial side of corporations, but also IT departments charged with storing a corporation’s electronic records. The act is not a set of business practices and does not specify how a business should store records; rather, it defines which records should be stored and for how long. SOX states that all business records, including electronic records and electronic messages, must be saved for “not less than five years.” The consequences for noncompliance are fines, imprisonment or both. IT departments are increasingly tasked with creating and maintaining a corporate records archive in a cost-effective fashion that satisfies the requirements put forth by the legislation. Section 802 of Sarbanes-Oxley contains the three rules that affect the management of electronic records. The first rule deals with the destruction, alteration or falsification of records, and the resulting penalties. The second rule defines the retention period for records storage. Best practices indicate that corporations securely store all business records using the same guidelines set for public accountants. The third rule refers to the type of business records that need to be stored, including all business records and communications, including electronic communications.How FCM360’s Products and Services Complies with The Sarbannes-Oxley Act (SOX) -Main Financial Compliance Requirements –

SOX 404 – SSAE 16
  • Audit and controls review
  • Industry compliance tested for SOX alignment
  • Comply with industry accepted security and availability practices
SOX 401 – Preservation and Accuracy of Electronic Records
  • Maintain a secure environment for electronic records
  • Records accuracy is never compromised since environment is secure
SOX 401 – 5 Year Retention Period for Records
  • Stored records are held in a secure environment for 5 years or greater
SOX 401 – Type of Business Records – Stored and Communicated
  • Stored business records as well as communicated records are maitained
  • Develop as well as maintain secure systems and applications

We Are Here to Help.