Sarbanes-Oxley (SOX) Policy

The Sarbanes-Oxley Act of 2002 (SOX) is a United States Federal law enacted in response to several major corporate and accounting scandals, including Enron, Tyco International and WorldCom to name a few. Public companies that are subject to SOX are encouraged to adopt Cobit and/or COSO frameworks.

Tripwire's SOX policy is based on the Public Company Accounting Oversight Board (PCAOB) auditing standard #2 (12 IT Control objectives) and COBIT. PCAOB is a preferred mapping for SOX and its published cross reference to COBIT. Our policies address sections 8 (Ensure Systems Security),11 (Manage Data) and 13 (Manage Operations)