Automate SOX Controls and Prevent Unauthorized Changes
The Sarbanes-Oxley Act (SOX) defines the requirements for the integrity of source data related to financial transactions and disclosures. SOX Section 404 requires implementation of technical controls and continuous access auditing to assure the reliability of data related to financial transactions. In order to establish internal controls, public companies look to implement frameworks like COSO, CobiT, ISO and more. Imperva provides enterprise-ready solutions which enable companies to conduct risk assessments, validate configurations, audit changes that impact financial data and streamline compliance processes.
Evaluate Internal Controls and Assess Risk
Internal controls evaluation and risk assessment should be the first steps in a SOX compliance project. Internal policies and secure configurations need to be defined either using custom policies or industry standards. The assessment should cover applications, databases and file systems to identify vulnerabilities and compliance gaps.
Audit Changes that Impact Regulated Data
All changes that impact financial transactions must be audited. This includes privileged changes to data (DML1), data containers (DDL2) as well as changes to user rights over regulated data (DCL3). To effectively analyze incidents the audit trail must provide complete details about the 'Who?', 'What?', 'When?', 'Where?' and 'How?' of each regulated event.
Protect Financial Data from Unauthorized and Fraudulent Activities
Abnormal activities can be identified through deviations from observed 'normal' behavior. Suspicious activities that may indicate fraud should be alerted on or blocked. Unauthorized activities which violate access policies should be thoroughly reviewed using audit reports and analytical tools which support forensic investigations.
Access Management and Elimination of Excessive Rights
User access to source financial data needs to be tightly controlled to reduce the risk of security breaches. Centralized user rights management automates reporting on user access rights, supports review and approval processes, identifies users with excessive rights and reduces costs associated with access control management.
Implement an Automated Repeatable Audit Process
Effective implementation of SOX control processes requires making them repeatable. Centralized management of audit and assessment of heterogeneous systems streamlines the execution of these processes. Automation reduces the amount of resources required to maintain on-going SOX compliance and can provide a positive return on investment.
Enforce Separation of Duties and Enable Auditor Independence
To verify separation of duties it is important to certify that individuals do not have privileges that allow them to complete and conceal fraudulent activities. It is also critical that privileged users do not have privileges over auditing solutions as they may abuse these privileges to tamper with the integrity of the audit trail.
1DML = Data Modification Language: Insert, Update, Delete
2DDL = Data Definition Language: Create, Alter, Drop
3DCL = Data Control Language: Grant, Revoke
4Blocking accesses to sensitive data in databases requires SecureSphere Database Firewall
5SecureSphere Discovery and Assessment Server is included with SecureSphere Database Activity Monitoring and Database Firewall
6Blocking accesses to sensitive data in databases requires SecureSphere File Firewall
"Database Activity Monitoring Market Overview" by Jeffrey Wheatman, Mark Nicolett, 03-Feb-2009