The Sarbanes-Oxley Act: The Role of IT


While there are many facets to SOX compliance, change management has emerged as its cornerstone. To ensure and demonstrate that only authorized and intended alterations have been made, all changes to the IT infrastructure must be monitored, tracked, and documented.

For each tracked change, specific details are required:

  • Who was involved in the change?
  • What did the change entail and what systems were affected?
  • When was the change made?
  • Where was the change made?
  • Why was the change made?

To increase the efficiency and cost-effectiveness of the change management process, IT organizations must implement an automated system configured to mirror its workflow. A well-designed change management tool provides organizations with a clear view of the internal IT infrastructure and its dependencies, creating a living snapshot for IT, internal auditors, and third party auditors who validate the controls. It also enables IT organizations to automate key controls supporting compliance efforts, ultimately reducing downtime and costs.

Read on in the white paper above!