DBA Guide to Understanding Sarbanes-Oxley (SOX) [Presentation]

The Sarbanes-Oxley Act (SOX) never mentions the words database or data, however, DBAs must ensure their databases are in compliance with Sarbanes-Oxley. Sarbanes-Oxley Section 404 simply states that management has the responsibility “for establishing and maintaining an adequate internal control structure and procedures for financial reporting.” How does this sentence relate to a database being compliant with Sarbanes-Oxley? Well, directly it doesn’t. But since the Oracle Applications 11i database contains data related to financial reporting and manipulation of this data “could adversely affect the company’s ability to record, process, summarize, and report financial data”, the Oracle Applications database must be compliant with the requirements of Sarbanes-Oxley for effective internal controls as stated in Sections 302 and 404 of the Act.

Click here to get the file