The Sarbanes-Oxley Act, or SOX as it is commonly known as, is an act that was passed by the US Congress in the year 2002. The act was passed so that investors and other financial parties could be protected from the possible problems that could arise due to fraudulent accounting practices of corporations. The act has received a lot of press as its various legal reforms forced corporations, data centers included, to take note of their financial records and the way they are being maintained. The Sarbanes-Oxley Act affects corporations and the companies and institutions that offer Information Technology support.
Since data centers handle sensitive financial data related to corporations, they too are governed by the legal bindings of the Sarbanes-Oxley Act. Data center policies have to conform to reforms laid down by the Act. Procedures pertaining to financial aspects are required to be in place in order to achieve compliance, and, of course, to avoid the long list of serious implications that non-compliance could lead to .
As per Sec. 802 (a) (1), “alteration, destruction, mutilation, concealment, covering up, falsification, making of false entries in any record, document or tangible object” is strictly prohibited and could warrant strict action against the guilty corporations in the form of:
- Liability to face criminal or civil prosecution
- Possibility of investigations by the U.S. Securities and Exchange Commission
- Forfeit of profits gained through such means or reimbursement of losses avoided
- Liability to pay a penalty amount of up to a million dollars, or three times the misrepresented amount, whichever is greater
- Imprisonment of guilty personnel for a term of up to 10 years
Detecting and monitoring possible flaws, taking validated steps to set them right, completing third-party audits on a regular basis, and a rigid internal financial and data-protection policy are some of the steps a data center can follow in order to realize an infallible compliance program.
If you're looking for an outsourced solution that will handle all of these compliances issues for you, contact us at Lifeline Data Centers today.