| This paper analyzed the ward content raised by SOX for the business, focus on how to follow SOX in information security management area.This paper gets the goal of information security management in following SOX, analyzed the requirement on information security management, and then got the solution. In this paper's point, the business need create information security management system; information security control strategy and management rule based on the goad of following SOX. This paper gives a solution, which was validated widely. This solution mainly resolved the reliability and integrality of finance information when business public its finance report and internal control report. This solution will insure that only authorized employee can access the data based on intelligent identify management; will insure the conformance of finance information data flow based on providing security access control on access/transfer/use finance data; will implement the traceability and can be audited in the process of using finance information based on providing complete audio solution. Implemented and perfected above solution dynamically, this will avoid the employee to proceed the gray trades and clean up internal control risk, then the business can meet Sox's following requirement. |
PDF Full Text Request