The 404 on Sarbox
Section 404 of the Sarbanes-Oxley Act (Sox) requires companies to establish controls that provide reasonable protection against preventable events that could influence a company's value.
By Ben Worthen
April 01, 2006 — CSO —
Section 404 of the Sarbanes-Oxley Act (Sox) requires companies to establish controls that provide reasonable protection against preventable events that could influence a company's value. This means, for example, making sure that employees couldn't use a company's systems to commit acts of fraud. The same logic applies to supply chains: Companies need to have controls that protect them against an adverse event. Other sections of Sox also could cover supply chain security. Section 401 requires companies to account for risk in their off-balance-sheet transactions, such as their supply chains. And Section 409 requires companies to report "on a rapid and current basis" events that could have a material impact. One can assume that a bomb in a cargo box would have such an impact.
Read more about supply chain security in CSOonline's Supply Chain Security section.
ESSENTIAL READING
Good supply chain security accelerates your business, rather than slowing it down. Reduce loss, meet supplier and customer requirements, and protect your brand with expert advice in these foundational articles.
5 game-changing supply chain security threats
Economic blahs, black swan events, and more
How to improve supply chain security
The trick is to keep the goods moving!
Loading dock security
10 steps to protect supplies, employees and partners—without slowing down your business
Counterfeit products: faked in China
Aggressive counterfeiting, surplus manufacturing equipment, and lax intellectual property laws: 13 ideas to protect your company and brand
Inside Starbucks' supply chain
Supply chain security: calculating the payoff
- Introduction to VMware vCenter Site Recovery Manager 5
- Reliable Disaster Protection with VMware vCenter Site Recovery Manager
- Introduction to Virtualization
- What CSOs are saying about Advanced Persistent Threats
- Securing Your BYOD Strategy: Cisco Secure Mobility Solutions
- Securing Your BYOD Strategy: Cisco Secure Mobility Solutions
- ESG Analyst White Paper - VMware's vSphere Storage Appliance: High Availability for Small IT Operations
- Forrester: Economic Impact of Switching to Google Apps
- TechRepublic: Cloud Computing - Potential Value for Your Company?
- ESG Analyst Whitepaper - Virtualization Management Critical to Achieving Scale and Efficiency
- Forrester Analyst White Paper "The State of Enterprise Disaster Recovery Preparedness 2011"
- eBook: A Guide to Modern IT Disaster Recovery
- Patch Tuesday preview, February 2012
Microsoft published its Patch Tuesday Preview for February of 2012 a few minutes ago. IT admins can expect nine bulletins to address 21 security vulnerabilities.
It looks like four bulletins will be rated critical while the rest are designated as important.
Affected Microsoft products are:
- M86 report proves water is wet
- Actor, banker, soldier, spy: Suits and Spooks Anti-Conference aims to redefine security
More Salted Hash with Bill Brenner
