sox
Safeguard articles tagged "sox" — guides, analysis, and best practices for software supply chain and application security.
4 articles
SOX Compliance for Software: IT General Controls and the Supply Chain
Sarbanes-Oxley is a financial-reporting law, but it reaches deep into the software that produces the numbers. Here's how IT general controls, change management, and dependency integrity fit under SOX.
SOX IT Controls Meet Software Controls
Sarbanes-Oxley IT general controls predate modern software delivery. Here's how change management, access, and segregation of duties controls actually look when applied to CI/CD pipelines and software components.
SOX IT Controls and Software Supply Chain
SOX ITGCs are being rewritten around open-source software and build integrity as PCAOB and SEC scrutiny extends ICFR into the developer toolchain for the first time.
SOX Compliance in Software Development: The Supply Chain Angle
Sarbanes-Oxley requirements for internal controls extend into software development and supply chain integrity. Here's the connection most teams miss.