WE CAN HELP YOU. WE ARE CYBER SECURITY COMPLIANCE EXPERTS.
If you do not have time or a skilled and qualified resource, we can help your organization in planning, assessing current and desire security posture along with identifying all risks, vulnerabilities, and operational and processes driven fatal red flags followed by working to deploy all required countermeasure security controls to reduce, mitigate, or transfer risk.
Since 2000, Our professional team members have assisted U.S. Federal Government Agencies, State of California Government Agencies, and Fortune 100, 500, and 1000 public and private world-class international companies to identify cybersecurity threats, vulnerabilities, business and processes gaps, and red flag, and able to timely deploy security countermeasure solutions and/or compensating or alternative controls which reduce or eliminate security risks, threats, and vulnerabilities.
We specialize in Enterprise Security Strategies and Planning, Risk Assessment, Infrastructure, and Web Application Cyber Security Threats Assessment, Cloud Security, Security Compliance Standard (SOX, PCI-DSS v3.1, HIPAA, FISMA, NIST-800), Security Awareness, Policy Program along with unique and hybrid expertise evaluating and assessing Vendors and Business Partner Security Risk Assessment. Our mission: Your Rock-Solid Security is Our # 1 Priority. With our years of real-world hands-on work expertise, special skills, and our unique methodologies, we can make your company “Hack-proof, Hack-resilient, and Security-compliant!”
The Sarbanes Oxley Act of 2002 (Pub.L. 107-204), enacted July 30, 2002, also known as the “Public Company Accounting Reform and Investor Protection Act” (in the Senate) and “Corporate and Auditing Accountability and Responsibility Act” (in the House) and commonly called Sarbanes Oxley, Sarbox, or SOX, is a United States federal law enacted on July 30, 2002, which set new or enhanced standards for all U.S. public company boards, management, and public accounting firms. It is named after sponsors U.S. Senator Paul Sarbanes (D–MD) and U.S. Representative Michael G. Oxley (R–OH).
The bill was enacted as a reaction to a number of major corporate and accounting scandals including those affecting Enron, Tyco International, Adelphia, Peregrine Systems and WorldCom. These scandals, which cost investors billions of dollars when the share prices of affected companies collapsed, shook public confidence in the nation’s securities markets.
Sarbanes–Oxley contains 11 titles that describe specific mandates and requirements for financial reporting. Each title consists of several sections, summarized below.
Title I consists of nine sections and establishes the Public Company Accounting Oversight Board, to provide independent oversight of public accounting firms providing audit services (“auditors”). It also creates a central oversight board tasked with registering auditors, defining the specific processes and procedures for compliance audits, inspecting and policing conduct and quality control, and enforcing compliance with the specific mandates of SOX.
Title II consists of nine sections and establishes standards for external auditor independence, to limit conflicts of interest. It also addresses new auditor approval requirements, audit partner rotation, and auditor reporting requirements. It restricts auditing companies from providing non-audit services (e.g., consulting) for the same clients.
Title III consists of eight sections and mandates that senior executives take individual responsibility for the accuracy and completeness of corporate financial reports. It defines the interaction of external auditors and corporate audit committees and specifies the responsibility of corporate officers for the accuracy and validity of corporate financial reports. It enumerates specific limits on the behaviors of corporate officers and describes specific forfeitures of benefits and civil penalties for non-compliance. For example, Section 302 requires that the company’s “principal officers” (typically the Chief Executive Officer and Chief Financial Officer) certify and approve the integrity of their company financial reports quarterly. [3]
Title IV consists of nine sections. It describes enhanced reporting requirements for financial transactions, including off-balance-sheet transactions, Pro-forma figures, and stock transactions of corporate officers. It requires internal controls for assuring the accuracy of financial reports and disclosures and mandates both audits and reports on those controls. It also requires timely reporting of material changes in financial condition and specific enhanced reviews by the SEC or its agents of corporate reports.
Title V consists of only one section, which includes measures designed to help restore investor confidence in the reporting of securities analysts. It defines the codes of conduct for securities analysts and requires disclosure of knowable conflicts of interest.
Title VI consists of four sections and defines practices to restore investor confidence in securities analysts. It also defines the SEC’s authority to censure or bar securities professionals from practice and defines conditions under which a person can be barred from practicing as a broker, advisor, or dealer.
Title VII consists of five sections and requires the Comptroller General and the SEC to perform various studies and report their findings. Studies and reports include the effects of consolidation of public accounting firms, the role of credit rating agencies in the operation of securities markets, securities violations and enforcement actions, and whether investment banks assisted Enron, Global Crossing, and others to manipulate earnings and obfuscate true financial conditions.
Title VIII consists of seven sections and is also referred to as the “Corporate and Criminal Fraud Act of 2002”. It describes specific criminal penalties for manipulation, destruction, or alteration of financial records or other interference with investigations while providing certain protections for whistle-blowers.
Title IX consists of six sections. This section is also called the “White Collar Crime Penalty Enhancement Act of 2002”. This section increases the criminal penalties associated with white-collar crimes and conspiracies. It recommends stronger sentencing guidelines and specifically adds failure to certify corporate financial reports as a criminal offense.
Title X consists of one section. Section 1001 states that the Chief Executive Officer should sign the company tax return.
Title XI consists of seven sections. Section 1101 recommends a name for this title as the “Corporate Fraud Accountability Act of 2002”. It identifies corporate fraud and records tampering as criminal offenses and joins those offenses to specific penalties. It also revises sentencing guidelines and strengthens their penalties. This enables the SEC the resort to temporarily freeze transactions or payments that have been deemed “large” or “unusual”.
