Sarbanes-Oxley Act (SOX)

The Sarbanes-Oxley Act of 2002 (often shortened to SOX) is legislation passed by the U.S. Congress to protect shareholders and the general public from accounting errors and fraudulent practices in the enterprise, as well as improve the accuracy of corporate disclosures.

The Sarbanes-Oxley Act of 2002 (often shortened to SOX) is legislation passed by the U.S. Congress to protect shareholders and the general public from accounting errors and fraudulent practices in the enterprise, as well as improve the accuracy of corporate disclosures. The U.S. Securities and Exchange Commission (SEC) administers the act, which sets deadlines for compliance and publishes rules on requirements.

The Sarbanes-Oxley Act was enacted in response to a series of high-profile financial scandals that occurred in the early 2000s at companies including Enron, WorldCom and Tyco that rattled investor confidence. The act, drafted by U.S. Congressmen Paul Sarbanes and Michael Oxley, was aimed at improving corporate governance and accountability. Now, all public companies must comply with SOX.

The Sarbanes-Oxley Act not only affects the financial side of corporations, but also IT departments charged with storing a corporation's electronic records. The act is not a set of business practices and does not specify how a business should store records; rather, it defines which records should be stored and for how long. SOX states that all business records, including electronic records and electronic messages, must be saved for "not less than five years." The consequences for noncompliance are fines, imprisonment or both.

IT departments are increasingly tasked with creating and maintaining a corporate records archive in a cost-effective fashion that satisfies the requirements put forth by the legislation. Section 802 of Sarbanes-Oxley contains the three rules that affect the management of electronic records. The first rule deals with the destruction, alteration or falsification of records, and the resulting penalties. The second rule defines the retention period for records storage. Best practices indicate that corporations securely store all business records using the same guidelines set for public accountants. The third rule refers to the type of business records that need to be stored, including all business records and communications, including electronic communications.

This was first published in September 2007

Continue Reading About Sarbanes-Oxley Act (SOX)

Glossary

'Sarbanes-Oxley Act (SOX)' is part of the:

View All Definitions

Dig deeper on Enterprise data storage management

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Related Discussions

ITKE asks:

What's been your biggest challenge with meeting SOX compliance rules?

1  Response So Far

Join the Discussion

1 comment

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCompliance

SearchHealthIT

SearchCloudComputing

SearchMobileComputing

SearchDataCenter

Close