Public corporations face increasing demands to build, maintain and ensure secure and reliable information assets. In response to various corporate accounting scandals, the Sarbanes-Oxley (SOX) Act was passed to compel public companies to implement monitoring and security measures that can verify the proper operation of financial reporting and analysis. While the SOX rules cover mostly accounting matters, Anitian has developed an all-inclusive practice to cover sections 403 and 302 of the SOX Act, which address information security, privacy, and monitoring.
Anitian analyzes and audits a client's environment for compliance with SOX and its associated policies and standards.
A typical SOX audit includes:
- Organizational Analysis
Analyze the entire organization and how it uses, manages, procures, and delivers IT services.
- Infrastructure Analysis
Review the infrastructure for best practices and security.
- Policy and Procedure Review
Review all organization security policies and procedures for alignment with standards.
- Security Assessment
Assess networks, systems and access for security weaknesses.
- Compliance with SOX
Review environment for compliance with the Sarbanes-Oxley Act.
- Remediation Reporting
Report results of audit and develop remediation measures. Anitian's reports include high-level executive reporting as well as detailed, technical reports.
- Implement Security Improvements
Architect and implement necessary security improvements.
- Train and Educate Staff
Educate staff on proper security practices and procedures.
- Monitoring
Ongoing monitoring and validation to ensure compliance.
The result is a comprehensive and rigorous process that ensures the client’s agency meets all requirements and can easily gain SOX compliance with sections 404 and 302. Anitian has performed assessments for numerous public organizations in many different industries.
For more information, please call 888.ANITIAN, or email Anitian Enterprise Security.