This document explains how Banking, Financial Institutions and Insurance entities or any other listed company can take the help of a document management software such as GLOBODOX to achieve compliance with SOX (Sarbanes-Oxley Act).
What is SOX?
SOX or Sarbanes – Oxley Act of 2002 is titled after its authors Senator Paul Sarbanes and Representative Michael Oxley.
This act came about in response to major corporate accounting scandals where in prominent American companies took advantage of lack of such regulatory law being in place.
SOX Act was passed with the purpose of building and restoring public confidence in the financial reports of American corporations.
The landmark law is designed to improve corporate responsibility and accountability, enhance financial reporting and disclosures, and ensure auditor independence. Failure to adhere to the act can result in devastating consequences; in some cases the damage done can be irreversible.
Why does SOX require Document Management?
The inevitable need of a Document Management Software is strongly sensed throughout the Sarbanes – Oxley Act.
- Section 404 of Sarbanes-Oxley emphasizes the importance of documents and records management and assessment.
- Sections 103, 104 and 801 necessarily require appropriate filing, retention and preservation of audit records.
- Section 105 requires that these records must also be easily retrievable.
- Section 408 states that the Securities Exchange Council (SEC) will review an organization’s financial records on a regular and systematic basis for the protection of the investors.
This Act also affects non-listed US companies across the world as businesses are looking to grow globally, both organically and inorganically. When SOX compliant companies decide to go for mergers, acquisitions, joint ventures or even just holding stakes in another company, more and more businesses are increasingly looking at firms that are SOX-ready. This means that all establishments today must have top-notch accounting and reporting processes in place.
What is GLOBODOX?
GLOBODOX is a document management software which allows an organization to…
- Create a secure, centralized and searchable repository of all it’s paper and electronic documents.
- Selectively control a user’s access to the repository
- Record details about a user’s access to the repository
Is GLOBODOX SOX compliant?
The covered organization is responsible for SOX compliance and not the vendor. The organization must have the mechanism in place that guarantees safe electronic storage, access and transmission of financial records.
It is organizations not technology that must be SOX compliant. However technology can be used to help the organization in it’s efforts to be SOX compliant.
How does GLOBODOX help with SOX compliance?
The use of GLOBODOX itself will not be enough for an organization to be SOX compliant. GLOBODOX as a document management software helps with the management and security of financial records – which is a big component of SOX. However it is important to note that there are aspects of SOX which are beyond the scope of a document management software (for e.g. employees are aware and follow the compliance program dutifully).
Organizations who wish to be SOX compliant can use GLOBODOX to take important steps towards that goal.
GLOBODOX has all the tools & features you will need to.
- Capture financial records (both stored on paper and those stored in electronic files)
- Set up a access control mechanism for these records
- Quickly search and find these records
The section below briefly describes GLOBODOX features and how they help an organization take important steps towards SOX compliance.
GLOBODOX provide easy to use tools to scan in paper based records. Records can be scanned in individually or in batch mode. Similarly electronic documents such as MS Word files,MS Excel files, PDF files, e-mail messages can be added to GLOBODOX individually or in batch mode.
GLOBODOX lets you store indexing information along with each document or for a set of documents. Indexing information is stored in data fields. You can create up to 200 data fields for storing indexing information. Data fields can store text, numeric, date, time and Boolean (Yes/No) values. For eg. For an invoice, you can create fields such Invoice No., Billing Company etc.
This indexing information can later be used to quickly find and retrieve records for a invoice or a group of related invoices.
GLOBODOX features a powerful and flexible multi-level security framework. GLOBODOX requires the user to login before he or she can get access to the documents and their indexing data. This ensures that only authenticated users known to the system get access to financial records.
GLOBODOX lets you specify access permissions on a user by user basis. For example you can decide that.
John, Tim and Mary are allowed to view records
However only Tim and Mary are allowed to modify records
While only Mary can also delete records
GLOBODOX security is so flexible that you can even specify that a user can only view particular records, documents or particular indexing fields!
Documents added to GLOBODOX can be optionally stored in encrypted form for additional security. Any of the industry standard encryption algorithms supported by GLOBODOX can be used to encrypt the documents.
The security features help you comply with SOX rules which state that an organization must protect financial records against unauthorized access or modifications.
Using this feature an organization can keep track of every action a user perform with GLOBODOX. For example you can find out.
When a particular user logged in?
What records/documents were viewed by the user?
When was a particular document added and by whom?
This feature helps you comply with SOX rules which state that information about each disclosure of a financial record must be available.
Check In/Check Out
This feature is designed to prevent two users from simultaneously modifying the same document. If a document is checked out for modification by a user then another user cannot open it for modification unless the document checked back in by the earlier user.
GLOBODOX can store and provide access to several versions of the same document. It can create a copy of the earlier version of a document whenever new changes are made to the document. You can therefore easily access an older version of a document at any time. You can even decide the number of versions to be saved for each document.
GLOBODOX helps organizations take important steps towards SOX compliance. Moreover using GLOBODOX to manage your financial records also results in reduced costs and increased efficiency.
If you have any questions or need additional information, please contact us at [email protected]