The Sarbanes-Oxley act (SOX) was passed in 2002 by Congress after accounting scandals were found in multiple major financial firms. By implementing this act, Congress aimed to rebuild the trust between investors and publicly traded financial institutions. SOX improves auditing requirements for financial firms, ensuring that they are independent, accurate, and free from coercion from higher-up company officials. This act also threatens criminal penalties to any firm officer, director, or manager who knowingly submit falsified or non-complying financial statements.
Though this act focuses largely on the financial doings of an institute, there are a few sections of the act that focus on IT and security. A financial instituion must have documented and enforced data security policies, as well as controls that cover areas such as data access, data backups, change of management, and overall security of data and systems.
We aim to leverage our processes and technology to relieve regulated clients and those with sensitive data from the burdens of maintaining cybersecurity and information controls. In order to do this, we will elevate organizational security awareness and requirements recognition to the highest levels of management and ownership. Furthermore, Egis will help maintain a culture that is disruptive to threat actors and anyone that would harm our clients and their critical industry sectors. In order to achieve this goal, and help one become compliant with the Sarbanes-Oxley act, we can: