The AlgoSec Firewall Analyzer SOX Compliance Report is based on the two control frameworks that have been widely adopted by public companies subject to the requirements of the U.S. Sarbanes-Oxley Act of 2002 (section 404): the Committee of Sponsoring Organizations of the Treadway Commission (COSO) Internal Control Integrated Framework, released in 1992, and the IT Governance Institute's Control Objectives for Information and Related Technology (CobiT). Since the organization's firewalls form a crucial component in IT security infrastructure, controlling, monitoring, and auditing the firewalls are all activities that are subject to the COSO and CobiT frameworks.

The Firewall Analyzer's automatic risk assessment, based on industry best practices, addresses the COSO "Risk Assessment" component, and the following CobiT domains:

PO9 – Assess Risks
DS5 – Ensure System Security
M2 – Assess Internal Control Adequacy
M4 – Provide for Independent Audit

The Firewall Analyzer's change management offering, and in particular its Change History, E-mail Notification, and Upon-Policy-Install analysis, all address the COSO "Control Activities" component, and the following CobiT domains:

AI4 – Develop and Maintain Procedures
AI6 – Manage Changes
DS9 – Manage the Configuration
DS10 – Manage Problems and Incidents
M1 – Monitor the Processes

The Firewall Analyzer's policy optimization offering, and in particular its Query feature, its Unused/Covered Rule analysis, Unused Object analysis, Disabled/Timed-out rule analysis, and non-logged/non-commented rule analysis, all address the COSO "Monitoring" component, and the following CobiT domains:

DS9 – Manage the Configuration
DS10 – Manage Problems and Incidents

To receive an automatically completed SOX Compliance Report on one of your firewalls register for a free evaluation.

To view sample reports and access an interactive demonstration register for our Customer Resource Center.

Why AlgoSec

Get A FREE Evaluation

Satisfaction Guarantee

How To Buy