The Sarbanes-Oxley Act of 2002 (SOX) mandates security controls and accountability for corporations and requires security professionals to play a key role in a company’s ability to comply with this regulation (United States Congress, 2002); (Stults, 2004). An understanding of the scope and potential issues with SOX is critical to successfully implementing the changes required by SOX (Stults, 2004).
Stults, G. (2004, July 25). An Overview of Sarbanes-Oxley for the Information Security Professional. Retrieved from https://www.sans.org/reading-room/whitepapers/legal/paper/1426
United States Congress. (2002, July 30). H.R.3763 – 107th Congress (2001-2002): Sarbanes-Oxley Act of 2002. Retrieved from https://www.congress.gov/bill/107th-congress/house-bill/3763