SenSage Compliance Auditing for Sarbanes-Oxley
As a publicly traded company in the United States, you know that you are bound to the audit requirements created by the Public Company Accounting Oversight Board (PCAOB) from the passage of The Sarbanes-Oxley Act of 2002.
The PCAOB accounting standards call for the demonstration of control over financial data and the use of a standard.
ISO 27002 provides best practice recommendations on information security management for use by those who are responsible for initiating, implementing or maintaining security.
The standard contains twelve sections and sections 10 and 11 are extremely relevant to maintaining the control over financial data that auditors require for PCAOB compliance.
- Section 10: Communications and operations management - management of technical security controls in systems and networks
- Section 11: Access control - restriction of access rights to networks, systems, applications, functions and data
Examples of SenSage’s out-of-the-box compliance reports for satisfying audit requirements include the following:
| SenSage Compliance Report | ISO 27002 Section |
| Privileged Account Access Detailed | 10.10.4, 10.10.2, 11.5.1 |
| Privileged Account Access Summary | 10.10.4, 10.10.2 |
| Privileged Command Summary | 10.10.3, 10.10.2, 11.5.4 |
| Privileged Account Activity Detailed | 11.2.1, 11.2.3, 10.10.2 |
