SOX in Auditing: Logging, Separation of Duties, and Compliance

Verified

Added on 2023/01/23

AI Summary

This report provides an overview of the Sarbanes-Oxley Act (SOX) and its implications in auditing. It explores the core concepts of SOX, emphasizing the protection of stakeholders through corporate governance and internal controls, particularly in financial reporting. The report details the importance of logging and the separation of duties in SOX compliance, highlighting how these measures mitigate fraudulent activities and ensure data integrity. Furthermore, it delves into database auditing, explaining how it enhances transparency and data protection, including the role of the Database Administrator (DBA) and the use of automation to maintain data integrity, cost efficiency and compliance. The report also references key literature to support its analysis of the SOX Act and its impact on financial and technological sectors.

Running head: SOX IN AUDITING
SOX in auditing
Name of the Student:
Name of the University:
Author Note:

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

SOX IN AUDITING
Table of Contents
Concept of SOX.........................................................................................................................3
Logging in and Separation of duties in the SOX compliance....................................................3
Database auditing.......................................................................................................................4
DBA use of automation to comply with the SOX......................................................................4
References..................................................................................................................................5

SOX IN AUDITING
Concept of SOX
The SOX has been implemented in the year 2002 in the United States to protect the
stake holders through developing new corporate standard and the corporate governance into
the organization. This has been implemented as the Sarbanes Oxley Act. Which requires all
the financial reports to include an internal control report. The SOX comply with the internal
audit process where the company’s internal management have been audited to reduce the
misconduct into the management. This has been implemented with the view of protecting
public and the shareholders from the accounting errors & fraudulent in the organization and
to improve the accuracy in the financial or corporate disclosure. Primarily this act is
associated with the financial department but this also effected the technological sector. As the
IT department is associated with the responsibility of storing electronic record, according to
the Act. the information must be saved not less than five years. For the evaluation of this act
the section 802 has been implemented (Li et al., 2014).
Logging in and Separation of duties in the SOX compliance
Separation of duties:
The key requirement on the SOX compliance is the duty separation. This means the
separation of duties in the change management process. The chance management refers to the
separation of duties where the same person cannot make any change in the development of
data base and can never move the change to the production database. This has been adopted
to reduce the fraudulent into the system changes which can affect the financial reporting.
However for example, without any permission or any knowledge an individual can never
make any change which would affect the calculation of the revenue (Thabit &
Solaimanzadah, 2018).
Logging

SOX IN AUDITING
The essential part of SOX requirement is associated with the collection management
and the analysis of the log data. For the SOX, the log management performs the
categorization, identification and the regulation to abridge reporting and analysis. However
there are many SOX IT compliance software that improves the cyber security and control
management for the organization. These helps in centralizing the collection of logs and
analysis of events from database, systems and applications. Without having a data base
logging in is impossible to recognise who changes what in the database (k & Patel, 2016).
Database auditing
The database auditing refers to the monitoring and auditing the internal data base. The
data base auditing has been done through bringing transparency into the corporate
information that are being stored or saved. As per the SOX Act. the DBA refers to the
introduction of the new procedure related to the protecting data, creating backups, ensuring
auditing, encryption and restricted access of regulated data. This ensures mismanagement
control through reducing the access of data base (Dubbels, Glowacki & Stevens 2015).
DBA use of automation to comply with the SOX
The DBA is an automation process through which the data has been maintained for a
longer period. The DBA uses automation into the segregation of duties, data analysis and the
automated reconciliation. The DBA complies with the SOX through adopting an automation
process to maintain the internal data base and maintain the transparency into the information
management system. Using the automation through the database management system the
SOX complies with the cost efficiency and makes effort less to search any details as to
identify the performance.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

SOX IN AUDITING
References
Dubbels, J. C., Glowacki, J. R., & Stevens, R. J. (2017). U.S. Patent No. 9,817,850.
Washington, DC: U.S. Patent and Trademark Office.
Li, C., Raman, K. K., Sun, L., & Wu, D. (2017). The effect of ambiguity in an auditing
standard on auditor independence: Evidence from nonaudit fees and SOX 404
opinions. Journal of Contemporary Accounting & Economics, 13(1), 37-51.
Malik, M., & Patel, T. (2016). Database securityattacks and control methods. International
Journal of Information, 6(1/2), 175-183.
Thabit, T., & Solaimanzadah, A. (2018). The Role of SOX Act in Enhancing the Internal
Control Systems of Kurdistan Banks.