SOX / COSO

Publicly traded U.S. corporations must maintain compliance with the security provisions of the Sarbanes-Oxley Act of 2002 (SOX). Companies subject to SOX must monitor their environments and prove compliance with the guidance found in the control framework of the Committee of Sponsoring Organizations of the Treadway Commission (COSO).

Cost-effective monitoring for SOX compliance requires leveraging existing investments in applications and databases while maintaining a comprehensive, integrated view of security compliance that ties controls back to business practices. Companies must be able to provide the necessary audit trail of configuration control, access and change.

Solutionary Managed Security Services and Security Consulting Services help companies cost-effectively comply with SOX security requirements.

Solutionary services help publicly traded companies with:

 

  • Assess and Measure Gaps: COSO assessment methodology performed by experienced certified security experts applied to SOX provisions; prioritized and actionable recommendations; peer benchmarking.
  • Remediate and Enhance: Experienced certified security experts; security program, policy and procedures design; services, tools and process implementation.
  • Execute and Monitor: SOX-compliant privileged user monitoring; application and database access and management monitoring; Log Monitoring, Log Management; Vulnerability Management; and Security Device Management.
  • Demonstrate Compliance: Pre-defined SOX-compliant and customizable reporting; secure evidence repository for all compliance-related assessments, documents, policies, results, and reports; integrated ticketing of problems and incidents with assignment and tracking.

Solutionary has:

  • Broad experience meeting SOX compliance using the COSO framework
  • A staff of experienced, certified security experts
  • Proven Managed Security Services and Security Consulting Services
  • Certified security experts (CISSP, CISA, CISM, GCIA, CSOA, QSA, HITRUST CSF and others)

 

| Compliance Activity | Solutionary Services / Capabilities | Regulatory Mapping |
|---|---|---|
| Assess and Measure Gaps | Security Consulting Services | COSO from COBIT 4.1 |
| Remediation and Enhancement | Security Consulting Services; authorized partner consulting services | 144 of the 469 COSO Security Controls |
| Execute and Monitor Security Program | Log Monitoring, Log Management; Vulnerability Management; Security Device Management and authorized partner consulting services | All 59 COSO Controls with technical requirements |
| Demonstrate Compliance | Evidence Log Vault; security and compliance reporting | All 23 COSO Controls with auditing and reporting requirements |

Solutionary services to support SOX compliance include:

 
