Sarbanes-Oxley (SOX) legislation mandates corporate management to certify their company's financial statements and to attest to both their responsibility for and the effectiveness of internal controls over financial reporting. To meet these challenges, SOX compliance requires quarterly and annual assessments as well as continuous controls testing of in-scope applications that can materially affect financial reporting.
Rsam for SOX Compliance
Rsam automates cumbersome SOX IT governance initiatives and helps organizations effectively adhere to the strict timeframes and assessments cycles as defined by the SOX IT Governance process. With Rsam, organizations can:
- Assess internal controls
- Identify compliance gaps centrally
- Perform controls testing
- Track Issue & Remediation initiatives
- SOX IT Controls Template – Rsam comes pre-populated with SOX IT controls, including access control, separation of duties, provisioning, etc., at the entity and application levels, which the organization can further customize to match their specific scope of assessment
- Workflow to Mirror Any Existing Assessment Process – Dynamic Workflow bends to meet your most complex processes – not vice-versa. Map virtually every aspect of current workflow processes into Rsam. Upon completion, the process can automatically be passed to other users for review or additional input.
- Create Compliance Gaps Repository for Centralized Remediation – Create a central repository of manageable data/non-compliant findings from scanners, surveys, auditors, etc. Develop and prioritize remediation strategies and action plans to manage unlimited remediation initiatives across the enterprise.
- Deliver Real-time, Actionable Reporting – Rsam 50+, out-of-the-box roll-up/ drill-down reporting delivers actionable information to key stakeholders. Organizations can also launch their own custom reports, either in Microsoft SSRS and/or Crystal reports, directly from Rsam. All data entered into Rsam is immediately available for consumption by Rsam analytic engines, reporting structures and dashboards within the application giving end-users access to real-time data.