Ensuring Compliance with SOX Standards

Requires the Log Management and Compliance service in ArcSight SIEM as a Service or the ArcSight Recon capability.

In the Reports Portal, select Repository > Standard Content > Data Compliance Content > Sarbanes Oxley.

The Sarbanes-Oxley Act (SOX) is a United States federal law that was enacted in 2002. The stated purpose of the law is to protect investors by improving the accuracy and reliability of corporate disclosures made pursuant to the securities laws and for other purposes.

To help you comply or prove compliance with SOX, we provide the Compliance Insight Package for SOX. For more information about adding the package to the Reports repository, see the Solutions Guide for ArcSight Insight Compliance Package for SOX. The guide includes information about identifying assets that must comply with SOX.

This package includes the following dashboards and reports, organized by SOX objectives:

Executive Summary
  Dashboards:
    Control Overview
    Controls Risk Score Overview
    Executive Cyber Threat Overview
  Reports: n/a

ISO 5 Information Security Policies
  Dashboards:
    Policy Violations Overview
  Reports:
    Policy Violations

ISO 6 Organization of Information Security
  Dashboards:
    VPN Connection Overview
    Wireless Attacks and Suspicious Activity
  Reports:
    Outbound Communication from Development to Production Environment
    Outbound Communication from Production to Development Environment
    VPN Connection Summary
    Wireless Attacks and Suspicious Activity

ISO 7 Human Resource Security
  Dashboards:
    Activity by User
  Reports: n/a

ISO 8 Asset Management
  Dashboards:
    Removable Media Activity
  Reports: n/a

ISO 9 Access Control
  Dashboards: n/a
  Reports:
    Account Creations
    Account Deletions
    Account Lockouts by System
    Account Lockouts by User
    Insecure Ports
    Insecure Services
    Password Policy Changes
    Password Weaknesses
    User Group Account Creations
    User Group Account Deletions

ISO 10 Cryptography
  Dashboards: n/a
  Reports:
    SSH Vulnerabilities
    SSL or TLS Vulnerabilities
    VPN Vulnerabilities

ISO 11 Physical and Environmental Security
  Dashboards:
    Failed Physical Physical Access Overview
    Successful Physical Physical Access Overview
  Reports:
    Failed Building Physical Access Activity Summary
    Failed User Physical Access Activity Summary
    Successful Building Physical Access Activity Summary
    Successful User Physical Access Activity Summary

ISO 12 Operations Security
  Dashboards:
    Administrative Login Overview
    Application Vulnerabilities Overview
    Failed Login Overview
    Failed Login Relationship
    Firewall Configuration Changes
    Malware Overview
    Successful Login Overview
    Unpatched Systems
    Vulnerability Overview
  Reports:
    Antivirus Stopped or Paused
    Audit Log Cleared
    Database Configuration Changes
    Database Vulnerabilities
    Failed Administrative Login Summary
    Failed Antivirus Updates
    Failed Login by SOX Asset
    Failed Login Summary
    Firewall Configuration Changes
    High Risk Vulnerabilities
    Malware Summary
    Network Device Configuration Changes
    Overflow Vulnerabilities
    SQL Injection Vulnerabilities
    Successful Administrative Login Summary
    Successful Login by SOX Asset
    Unpatched Systems
    Vulnerability Summary by CVE ID
    Vulnerability Summary by SOX Asset
    Vulnerability Summary on SOX Environment
    XSRF Vulnerabilities
    XSS Vulnerabilities

ISO 13 Communications Security
  Dashboards:
    DoS Activity
    Firewall Blocked Events
  Reports:
    Covert Channel Activity
    DoS Attacks Summary
    Firewall Blocked Events

ISO 16 Information Security Incident Management
  Dashboards:
    High Risk Events Overview
    MITRE ATT&CK Overview
    Reconnaissance Activity
    Threat Overview
    Threat Relationship
  Reports:
    High Risk Events Summary
    MITRE ATT&CK Summary by MITRE Technique
    MITRE ATT&CK Summary by SOX Asset
    Reconnaissance Summary
    Threats Summary

ISO 17 Information Security Aspects of Business Continuity Management
  Dashboards: n/a
  Reports:
    Asset Shutdown Summary

ISO 18 Compliance
  Dashboards:
    Information Disclosure Vulnerabilities
    Organization Information Leaks
    Personal Information Leakage Overview
  Reports:
    Information Disclosure Vulnerabilities
    Organization Information Leaks Summary
    Personal Information Leakage Summary