The Sarbanes-Oxley Act (SOX) establishes requirements for the integrity of the source data used in financial transactions and reporting. In particular, auditors are looking at regulated data residing in databases connected to enterprise applications.
To prove the integrity of financial data, companies must extend audit processes to the financial information stored within corporate databases. To verify regulatory compliance, auditors look at multiple aspects of a database environment including user management, authentication, separation of duties, access control, and audit trail. To cover that, many companies use security tools such as Security Information and Event Management systems(SIEMs)
And while legacy SIEMs often fail to ease compliance in terms of ensuring document integrity, audit trail, and real-time anomaly detection, and data visualization, NextGen SIEMs are designed in a way to ease the work of the compliance department.
To demonstrate how a NextGen SIEMs can simplify SOX Compliance, we have created a mapping between LogSentinel’s NextGen SIEM and the respective SOX requirements:
| Goal | Requirement | Solution |
| Prevent data tampering | Implement systems that track logins and detects suspicious login attempts to systems used for financial data. | LogSentinel SIEM detects any suspicious behaviour, thanks to the AI module, and the relevant business predefined rules. Stakeholders get alerted in real-time, so they can take immediate measures |
| Record timelines for key activities | Implement systems that can apply timestamps to all financial or other data relevant to SOX provisions. Store such data at a remote, secure location and encrypt it to prevent tampering. | LogSentinel’s cloud-first SIEM leverages blockchain-inspired technology to protect log data and ensure the information and the timestamp of every event can’t be tampered with |
| Build verifiable controls to track access | Implement systems that can receive data from practically any organizational source, including files, FTP, and databases, and track who accessed or modified the data. | LogSentinel’s zero-setup cloud SIEM, open-source agent, and built-in CASB can handle every system and every setup even in complex organizations. |
| Test, verify, and disclose safeguards to auditors | Implement systems that can report daily to selected officials in the organization that all SOX control measures are working properly. Systems should provide access to auditors using permissions, allowing them to view reports and data without making any changes. | LogSentinel SIEM has a sophisticated dashboard allowing 360-degree monitoring. Access can be granted to selected officials in the organization responsible for the SOX control measures. When required, read-only access can be also granted to external parties such as auditors |
| Report on the effectiveness of safeguards | Implement systems that generate reports on data that have streamed through the system, critical messages and alerts, security incidents that occurred, and how they were handled. | LogSentinel SIEM makes audits easier, generating compliance reports, required by your partners, investors, and SOX regulators |
| Detect security breaches | Implement security systems that can analyze data, identify signs of a security breach, and generate meaningful alerts, automatically updating an incident management system. | LogSentinel SIEM collects and analyzes data from all sources, automatically detecting anomalies thanks to the AI-based threat detection module. LogSentinel SIEM has a built-in incident management system, keeping a record of any incident detecting, and sending notifications to people in charge when a new threat is detected. |
| Disclose security breaches and failure of security controls to auditors | Implement systems that log security breaches and also allow security staff to record their resolution of each incident. Enable auditors to view reports showing which security incidents occurred, which were successfully mitigated, and which were not. | LogSentinel SIEM ensures full logging and trackability of the security incidents. This can be made manually, as well as automatically – thanks to the intelligent threat detection module, significantly reducing the time for detecting threats. The security team is able to monitor all the security incidents and to mark which ones successfully mitigated and which were not yet |
We at LogSentinel realize how challenging SOX requirements can be for organizations of all sizes, so we created LogSentinel SIEM in a way to simplify audits and reporting, and ensure full integrity across all systems.
Denitsa Stefanova is a Senior IT Business Analyst with solid experience in Marketing and Data Analytics. She is involved in IT projects related to marketing and data analytics software improvements, as well as the development of effective methods for fraud and data breach prevention. Denitsa supports her IT-related experience by applying her skills into her everyday duties, including IT and quality auditing, detecting IT vulnerabilities, and GDPR-related gaps.
