Sarbanes-Oxley Act (SOX)
AlgoSec provides end-users and auditors with automatically-completed SOX compliance reports of their firewalls.
The AlgoSec Firewall Analyzer SOX Compliance Report is based on the two control frameworks that have been widely adopted by public companies subject to the requirements of the U.S. Sarbanes-Oxley Act of 2002 (section 404): the Committee of Sponsoring Organizations of the Treadway Commission (COSO) Internal Control Integrated Framework, released in 1992, and the IT Governance Institute's Control Objectives for Information and Related Technology (CobiT). Since the organization's firewalls form a crucial component in IT security infrastructure, controlling, monitoring, and auditing the firewalls are all activities that are subject to the COSO and CobiT frameworks.
The Firewall Analyzer's automatic risk assessment, based on industry best practices, addresses the COSO "Risk Assessment" component, and the following CobiT domains:
- PO9 – Assess Risks
- DS5 – Ensure System Security
- M2 – Assess Internal Control Adequacy
- M4 – Provide for Independent Audit
The Firewall Analyzer's change management offering, and in particular its Change History, E-mail Notification, and Upon-Policy-Install analysis, all address the COSO "Control Activities" component, and the following CobiT domains:
- AI4 – Develop and Maintain Procedures
- AI6 – Manage Changes
- DS9 – Manage the Configuration
- DS10 – Manage Problems and Incidents
- M1 – Monitor the Processes
The Firewall Analyzer's policy optimization offering, and in particular its Query feature, its Unused/Covered Rule analysis, Unused Object analysis, Disabled/Timed-out rule analysis, and non-logged/non-commented rule analysis, all address the COSO "Monitoring" component, and the following CobiT domains:
- DS9 – Manage the Configuration
- DS10 – Manage Problems and Incidents

To receive an automatically completed SOX Compliance Report on one of your firewalls register for a free evaluation.
To view sample reports and access an interactive demonstration register for our Customer Resource Center.
|