Sarbanes-Oxley Compliance

CompliantBackup Simplifies Life

Sarbanes-Oxley Compliance

The Sarbanes-Oxley Act of 2002 (SOX or Sarbox) regulates the storage and management of corporate financial data for all Registered Public Accounting Firms and many publicly held companies.

Which Sarbanes-Oxley regulations effect data backup, and how does CompliantBackup help you comply?

1. Section 103: Auditing, Quality Control, And Independence Standards And Rules

Explanation: The Board shall: (1) register public accounting firms; (2) establish, or adopt, by rule, “auditing, quality control, ethics, independence, and other standards relating to the preparation of audit reports for issuers;” “The Board requires registered public accounting firms to “prepare, and maintain for a period of not less than seven years, audit work papers, and other information related to any audit report, in sufficient detail to support the conclusions reached in such report.”

How CompliantBackup helps you comply: Off Site Data Backups helps you prepare documents for inspection and audit. Your backups are encrypted, transmited and stored at two remote server locations using government-level 128-bit encryption. Our system allows access only using the correct account ID and encryption key to which only you have access. Files can be restored via the CompliantBackup Online client.
2. Section 104: Inspections of Registered Public Accounting Firms

Explanation: Quality inspections must be conducted annually for firms auditing more than 100 issues per year, or every 3 years for all other firms. The SEC or the Board may order impromptu inspections of any firm at any time.

How CompliantBackup helps you comply: Offsite Data Backups gives users on-demand access to their data. An authorized inspector may immediatley access any stored file up to the last 10 versions over the past 90 days for comparison.
3. Section 105(d): Investigations And Disciplinary Proceedings; Reporting of Sanctions

Explanation: All documents prepared or received by the Board are regarded “confidential and privileged as an evidentiary matter (and shall not be subject to civil discovery or other legal process) in any proceeding in any Federal or State court or administrative agency, …unless and until presented in connection with a public proceeding or [otherwise] released” in connection with a disciplinary action.

How CompliantBackup helps you comply: Off Site Data Backups uses the industry’s best encryption and data protection tools available to maintain complete confidentiality. Your data is encrypted using 128-bit AES encryption, the U.S. government standard on your computer before being transmitted using Secure Socket Layer (SSL), and remain stored in encrypted format at our two mirrored data centers.
4. Title VIII: Corporate and Criminal Fraud Accountability Act of 2002

Explanation: “Knowingly” destroying or creating documents to “impede, obstruct or influence” any federal investigation, whether it exists or is contemplated, is a felony.

How CompliantBackup helps you comply: We employ the latest technology available to prevent unauthorized access to your data. Our state-of-the-art mirrored data centers employ top-level physical and technical security:
* Geographically separated (1,000 miles)
* Redundant power supply with backup generators
* Redundant Bandwidth with multiple providers
* Top-of-the-line EMC Storage Machines
* High-End HP Servers and CISCO Firewall Security
* Finger scanners, motion detectors and camera tracking
* Restricted access to our 24/7 expert technical response administrators only
5. Section 802: Document Alteration or Destruction
Section 1102: Tampering With a Record or Otherwise Impeding an Official Proceeding

Explanation: Criminalizes knowingly altering, destroying, mutilating, or concealing any document with the intent to impair the object’s integrity or availability for use in an official proceeding or to otherwise obstruct, influence or impede any official proceeding.

How CompliantBackup helps you comply: Offsite Data Backups protects your business by storing historical versions of documents that could potentially be the target of malicious destruction. Any file deleted off the backup view on a local PC or server remains at our data centers for 30 days and can be restored in minutes. We effectively mitigate your risk of prosecution by protecting data integrity and availability for official proceedings.