Sarbanes-Oxley Act (SOX)

Contributor(s): Bob Spurzem

The Sarbanes-Oxley Act of 2002 (often shortened to SOX) is legislation passed by the U.S. Congress to protect shareholders and the general public from accounting errors and fraudulent practices in the enterprise, as well as improve the accuracy of corporate disclosures. The U.S. Securities and Exchange Commission (SEC) administers the act, which sets deadlines for compliance and publishes rules on requirements.

The Sarbanes-Oxley Act was enacted in response to a series of high-profile financial scandals that occurred in the early 2000s at companies including Enron, WorldCom and Tyco that rattled investor confidence. The act, drafted by U.S. Congressmen Paul Sarbanes and Michael Oxley, was aimed at improving corporate governance and accountability. Now, all public companies must comply with SOX.

The Sarbanes-Oxley Act not only affects the financial side of corporations, but also IT departments charged with storing a corporation's electronic records. The act is not a set of business practices and does not specify how a business should store records; rather, it defines which records should be stored and for how long. SOX states that all business records, including electronic records and electronic messages, must be saved for "not less than five years." The consequences for noncompliance are fines, imprisonment or both.

IT departments are increasingly tasked with creating and maintaining a corporate records archive in a cost-effective fashion that satisfies the requirements put forth by the legislation. Section 802 of Sarbanes-Oxley contains the three rules that affect the management of electronic records. The first rule deals with the destruction, alteration or falsification of records, and the resulting penalties. The second rule defines the retention period for records storage. Best practices indicate that corporations securely store all business records using the same guidelines set for public accountants. The third rule refers to the type of business records that need to be stored, including all business records and communications, including electronic communications.

This was last updated in June 2014 ???publishDate.suggestedBy???

Continue Reading About Sarbanes-Oxley Act (SOX)

Dig Deeper on Enterprise data storage management



Find more PRO+ content and other member only offers, here.

Join the conversation


Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Nice Article...Thanks for the info.
just I want to find out: Sarbanes -Oxley Act was aimed at all of the following EXCEPT;
Auditors of public corporation, Executive of public corporation, compensation committees of public corporation and investment advisers to public corporation
What's been your biggest challenge with meeting SOX compliance rules?
See a great website on SOX:

Are Regulation A companies subject to the Sarbanes Oxley rules regarding loans

Did you get an answer through email?  Or is no one answering the question?
How is a company that requests 50% deposit up front to invoice for that last 50%? We have a company that invoice a 100% even after they have been paid the 50% deposit and not applying the 50% we have already paid.They say they cannot adjust the invoice because of SOX. Is this true?


File Extensions and File Formats

Powered by: