The Sarbanes-Oxley Act (SOX) establishes corporate governance over financial reporting by publicly traded US company boards, their management and public accounting firms. SOX sections 302, 404 and 802 relate to identity and access management. Avatier identity management software (AIMS) prevents internal fraud by making user access visible for accurate regulatory compliance audit controls.
In section 302 financial reports must certify that signing officers are responsible for internal audit controls with penalties including fines and imprisonment. Signing officers must evaluate their internal controls, report on them every 90 days. In the report signing officers must list all areas where internal controls fall out of compliance along with information pertaining to employee fraud and suspicious or unusual internal activities. Signing officers must also identify changes in their internal controls that can negatively impact the operation of internal controls. Avatier Identity Enforcer automates internal audit controls for SOX 302 compliance.
Section 404 requires publicly traded companies, their board of directors, management and public accounting firms to publish in their annual reports the effectiveness of their financial reporting audit controls and operational procedures. AIMS enables a holistic visibility into the access privileges and a unified framework to account for the activities of everyone in your organization including administrators and executives.Through unmanned IT administration, Avatier Identity Analyzer gives organizations complete accountability, real-time reporting and accurate assessments of their audit control.
Section 802 imposes fines and imprisonment for obstructing and attempting to influence fraud investigations. Section 802 makes board of directors, management and accounting firms responsible for failure to meet audit and record keeping regulations. AIMS embeds SOX compliance into IT operations. Avatier Compliance Auditor access certification and access governance software retains record of all audit communication, documents and files. Avatier identity and access governance software puts information security responsibilities in the hands of managers and process owners who work in conjunction with IT and compliance auditors.
Avatier identity and access governance software (IAG) automates access management and offers continuous access certification over enterprise systems and financial records. Avatier access governance software enables a perpetual security policy featuring built in audit controls, self-service compliance administration, and absolute accountability. Avatier Identity Management Software Suite (AIMS) offers Sarbanes-Oxley automated IT solutions ensuring SOX 302, 404 and 802 compliance.