Sarbanes Oxley - SOX

The Sarbanes-Oxley Act of 2002, sponsored by Paul Sarbanes and Michael Oxley, represents a huge change to federal securities law. It came as a result of the corporate financial scandals involving Enron, WorldCom and Global Crossing. Effective in 2006, all publicly-traded companies are required to implement and report internal accounting controls to the SEC for compliance. The Sarbanes Oxley Act requires all financial reports to include an Internal Controls Report. This shows that a company's financial data accurate and adequate controls are in place to safeguard financial data. Year-end financial disclosure reports are also a requirement. A SOX auditor is required to review controls, policies, and procedures during a Section 404 audit.

As organizations work to comply with SOX, IT systems often automate most (if not all) data acquisition, data management and reporting activities. Therefore, IT infrastructure is at the core of any compliance effort and information security is the foundation for any solution. Without security, data management, data isolation and data integrity cannot be assured, and any technical safeguard fails.

Cautela Labs SOX Solutions:

  • Security Assessment to identify gaps in the current security posture of the environment
  • Vulnerability Assessment Scanning of the physical and application environment to validate and tightened your security posture
  • Data Loss Prevention identifies critical data, location and assist in preventing its outflow
  • Network Access Control safeguards your perimeter and enhance endpoint security
  • Managed Security Services to reduce time and cost of monitoring and testing and provide auditing reporting and security event management

Information Risk Assessment

Cautela Labs helps you via its information risk analysis methodology to analyze business information risk and select the right controls to mitigate that risk.

Professional Services


Services to help federal agencies and their affiliates in their FISMA compliance efforts to improve your security controls in accordance with NIST SP 800-53 for security controls.