Sarbanes-Oxley - ArcSight Compliance

ArcSight Compliance Insight Package for Sarbanes-Oxley: Comprehensive Sarbanes-Oxley (SOX) Compliance

ArcSight ESM Compliance Insight Package for Sarbanes-Oxley delivers a comprehensive, continuous event log monitoring and review solution to help manage and maintain Sarbanes-Oxley compliance.

Highlights:

  • Proactively identify and manage incidents and violations before they significantly impact the business
  • Establish compliance position; then measure, manage and report on a continual state of compliance
  • Pre-configured rules, dashboards and reports to immediately address Sarbanes-Oxley event log monitoring requirements

The Sarbanes-Oxley Event Monitoring and Review Problem
Publicly traded companies are quickly learning that Sarbanes-Oxley compliance includes the requirement to consolidate and review log activity for controls over financial systems. For many organizations, this has created the need to quickly institute a formalized event monitoring and review program in a very short period of time. These audit-driven event log monitoring and review requirements, as well as associated control framework recommendations, typically deliver little to no guidance as to what events to monitor, which logs to review, how the monitoring and review should be done or what proof is required to demonstrate effective event log monitoring. In addition, guidance from the Public Company Accounting Oversight Board (PCAOB) mandates that Sarbanes-Oxley audits must be risk-based, requiring organizations to demonstrate appropriate focus on both high and low risk activity.

Institute a Proactive Sarbanes-Oxley Compliance Program
The ArcSight ESM Compliance Insight Package for Sarbanes-Oxley delivers the guidance, process and proof to proactively and comprehensively address Sarbanes-Oxley compliance. Proactive compliance is more than simple log collection and review. It is about protecting and enabling your business to mitigate risk and address regulatory requirements, while increasing efficiencies and reducing cost. ArcSight ESM Compliance Insight Package for Sarbanes-Oxley incorporates a detailed set of customizable rules, dashboards, data monitors and reports that allows customers to establish their compliance position, and then measure and monitor their continuous state of compliance.

By implementing ArcSight ESM Compliance Insight Package for Sarbanes-Oxley, customers can proactively manage violations and incidents before they significantly impact the business. Application users and security professionals can quickly assess compliance status, remediate potential violations before sensitive information is exposed or financial systems are impacted, and demonstrate the effectiveness of controls to all levels of the organization as well as to auditors.

Strong Multi-Standards Approach
ArcSight ESM Compliance Insight Package for Sarbanes-Oxley is based on the ISO 17799:2005 and NIST 800-53 standards, a combination which provides comprehensive technical checks and risk-based operational context around compliance initiatives. This best-practices approach allows organizations to address the key event log monitoring and review requirements while still focusing on key services and financial reporting business processes. 

ArcSight ESM Compliance Insight Package for Sarbanes-Oxley Methodology
Risk prioritization is one of the key elements of a comprehensive, multi-standards based event log monitoring review program, as this allows a company to better understand the impact of events, and to enact the best processes and controls for managing risk. By mapping events to business processes and regulatory requirements, ArcSight allows companies to start to focus on monitoring and reviewing the assets that are of the greatest risk to their security and compliance state, so that they can effectively manage risk in a more proactive way, and mitigate threats and compliance violations before they significantly impact their business.

Benefits of ArcSight ESM Compliance Insight Package for Sarbanes-Oxley

  • Proactive management of compliance activity. ArcSight ESM Compliance Insight Package for Sarbanes-Oxley is tuned to identify and monitor compliance activities in order to proactively manage violations before they significantly impact your business. By proactively managing compliance initiatives, application users and security professionals can quickly assess compliance status, remediate potential violations before sensitive information is exposed or financial systems are impacted and demonstrate the effectiveness of controls to all levels of the organization, as well as to auditors.

  • Trend reporting and baseline. ArcSight ESM Compliance Insight Package for Sarbanes-Oxley includes trend reporting and baseline functionality to help organizations establish baselines of their security controls. ArcSight ESM Compliance Insight Package for Sarbanes-Oxley can retroactively build trends based on old or existing data, which can establish an historical compliance position. This baseline can validate historical compliance status, as well as monitoring the continuous compliance state of monitored controls across the organization for the entire compliance lifecycle, not just on a static day.

  • Comprehensive report templates assess the effectiveness of IT controls. ArcSight ESM Compliance Insight Package for Sarbanes-Oxley provides over 60 correlation rules and more than 200 customizable dashboards, reports and data monitors to measure and report on the effectiveness of controls through both business process activity review and technical security control checks. These views proactively provide a comprehensive status of issues and violations against specific Sarbanes-Oxley requirements.

  • Identity and role correlation. ArcSight ESM Compliance Insight Package for Sarbanes-Oxley allows an organization to tie an individual to all his or her logical and physical identities, as well as comparing the action of any identity to a specific business role and function. To support Sarbanes-Oxley requirements for user management, it is critical to be able to attribute actions originating from a specific device back to its owner, as well as being able to show all events across the IT environment that are related to a particular user. By doing this, it allows you to demonstrate that user management and related access controls are operating effectively, and by querying all events associated with a particular user, you can validate that any access or authorization violation from that user did not significantly impact other IT or financial systems.

Designed to Leverage ArcSight ESM
ArcSight ESM Compliance Insight Package for Sarbanes-Oxley seamlessly installs and immediately leverages ArcSight ESM — the core SIEM solution for compliance, security and insider threat. ArcSight ESM provides the strongest feature set to ensure that data is accurately collected and efficiently stored as well as the strongest analytic capabilities to provide immediate context to both security and compliance events. Customers can leverage the incredible flexibility and workflow of ArcSight ESM to easily focus compliance log review on their unique policies, procedures, infrastructure and audit points.

ArcSight Compliance Insight Packages Family
ArcSight ESM Compliance Insight Package for Sarbanes-Oxley is part of the ArcSight Compliance Insight Package Family. This suite of content offerings delivers log review and security monitoring based on security and audit best practices to help organizations meet regulatory compliance requirements and institute a strong IT governance program.