database auditing and monitoring fit within a SOX compliance framework.
8/2/2020 Originality Report
https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport/ultra?attemptId=1c1a1f2f-2c2c-4098-97c8-a022e777ddf7&course_id=_48137_1&i 1/3
%26
%11
SafeAssign Originality Report
Database Security – 202031 – CRN220 – Scavotto Week 12 Paper
%37Total Score: Medium risk
Vaishali Katherapalli
Submission UUID:86b53d9d-5283-0df7-d8dc-3c8373b210f4
Total Number of Reports
1
Highest Match
37 %
Week12Asst.docx
Average Match
37 %
Submitted on
08/02/20
02:25 PM EDT
Average Word Count
996
Highest:Week12Asst.docx
%37Attachment1
Institutional database(7)
Student paper Student paper Student paper
Student paper Student paper Student paper
Student paper
Internet(3)
Top sources(3)
Excluded sources(0)
View Originality Report – Old Design
Word Count:996
Week12Asst.docx
7 1 4
5 2 8
9
6 3 10
7 Student paper 1 Student paper 6 intonenetworks
Running Head: DATABASE AUDITING AND MONITORING FIT WITHIN A SOX COMPLIANCE FRAMEWORK. 1
DATABASE AUDITING AND MONITORING FIT WITHIN A SOX COMPLIANCE FRAMEWORK 4
Database auditing and monitoring
Students Name: Professors Name: Date:
Database Auditing and Monitoring Fit Within a SOX Compliance Framework Database auditing is the tracking of database, authority, and resources
utilization precisely, recording, and actions monitoring of the database user. It also helps one to comply with increasingly demanding compliance. It
involves observing a database to become aware of users of database actions. The administrators and consultants usually set up auditing for security
to make sure that those who do not have permission to have access to data do not access it. When one audits a database, each data operation can
be monitored and logged to an audit trail, which involves information on the database data recorded was interfered with, which account acted, and
the time the activity occurred. SOX was passed to safeguard the shareholders fraudulent practices and accounting errors in enterprises, the
general public, and improve the accuracy of corporate disclosures. (NAWA, 2007) The Sarbanes-Oxley Act is known as the Public Company Ac-
counting Reform, and the Investor Protection Act is a United States federal law, which sets standards for all U.S. public company boards.. It sets
deadlines for compliance and publishes rules on requirements. All companies that are public now must abide by SOX on the I.T side and financial
sides. The storage of corporate electronic records by I.T. departments changed as an outcome of SOX. This act does not specify the storage of
records by a company or establishes a set of business practices; it does not explain the length of the time for storage and which records should be
stored. For a corporation to abide by SOX, it must save all the records for the business, including electronic messages and electronic records, for
more than five years. The great plan of action for SOX compliance is to have controls of security that are correct in place to make sure that financial
data is protected against loss and accuracy. Relying on the appropriate tools and developing best practices helps the business to reduce SOX man-
1
2
3
4
5
6
https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport?attemptId=1c1a1f2f-2c2c-4098-97c8-a022e777ddf7&course_id=_48137_1&download=true&includeDeleted=true&print=true&force=true
8/2/2020 Originality Report
https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport/ultra?attemptId=1c1a1f2f-2c2c-4098-97c8-a022e777ddf7&course_id=_48137_1&i 2/3
Source Matches(15)
Student paper 100%
Student paper 96%
home 66%
Student paper 69%
agement costs and automate SOX compliance. (Pilewski, 2010 Sarbanes Oxley Advisory services can help an organization with the implementa-
tion and maintenance of sustainable SOX 404 compliance programs through readiness assessments, through documentation and testing assistance
and sustainability assessment.” Auditing and monitoring the database system is essential to address all five of the SOX regulations. A compre-
hensive auditing strategy tracks user activity, security changes, schema modifications, and other events that reveal potential and real threats to se-
curity. Detailed auditing is integral to meeting requirements for internal control and assessing those controls and their effectiveness determination.
Even though this auditing level can affect resource requirements and performance, it must be utilized to its fullest to provide the necessary controls.
Auditing solutions are available in a significant database system of management and involves the ability to generate comprehensive reports and to
set up alerts. To comply with SOX, DBAs must ensure the availability, integrity, and data security and environment. They must have effective
monitoring to guarantee the protection that is ongoing and meet the internal control requirements. The law of SOX does not specify how to go
about implementing all this., only that it needs to be done. For most database teams, what law requires, much of it is consistent with management
best practices they already have in place and security. Complying with the law of SOX can be a complicated process. And the database team should
work closely with other organizations to make sure nothing slips through the cracks and that all regulations are met. Those involved in planning a
compliance strategy must fully grasp how regulations work and the implications for being out of compliance. The Sarbanes Oxley Act needs fi-
nancial statements to include a report on internal control. This illustrates that the organization’s information on the financial statement is correct,
and proper controls are in place to safeguard financial information. An independent external SOX auditor requires to assess policies, proce-
dures, and controls during the audit section. An audit will also consider personnel, and staff may be interviewed to confirm that their job descrip-
tions rematch their duties and that they have needed the training to access finance data safely. (“SOX audits) ‘Auditors must ensure that the popula-
tion and any sample have originated in the current fiscal year. Samples taken from the previous year cannot prove that the controls are effective at
the time of the audit. The most significant component of the SOX compliance audit is to review an organizations internal controls. They include all
computers, electronic equipment, network hardware, and I.T.
3
7
8
9
6
assets. SOX mandates the company’s complete yearly audit, and it makes those results suitable for any stakeholders. Independent auditors are
hired to finish the SOX audits, which must be disunited from any other audit to anticipate a conflict of interest. The fundamental reason for the SOX
compliance audit is the financial statement verification of a company. This auditor compares current statements to past statements and determines
if everything is agreeable. They can also confirm that compliance controls are enough to maintain SOX compliance standards and interview per-
sonnel. As we conclude, we should know that SOX is a good business practice but not just a legal obligation. Organizations should restrict access to
financial systems and behave ethically. The implication of SOX financial security controls has the side benefits of safeguarding the company for cy-
ber attackers stealing their private data.
References
Pilewski, B. A. (2010). Sarbanes-Oxley Act of 2002 (SOX): Compliance. Encyclopedia of Information Assurance, 2575-2581. doi:10.1081/e-eia-
120046849
NAWA, K. (2007). Sequestered science and SOX act for scientific research. Journal of Information Processing and Management, 50(6), 367-368.
doi:10.1241/johokanri.50.367
SOX audits. (n.d.). Internal Audit Handbook, 389-401. doi:10.1007/978-3-540-70887-2_22
1
1
10
1
Student paper
DATABASE AUDITING AND MONI-
TORING FIT WITHIN A SOX COMPLI-
ANCE FRAMEWORK.
Original source
Database auditing and monitoring fit
within a SOX compliance framework
2
Student paper
DATABASE AUDITING AND MONI-
TORING FIT WITHIN A SOX COMPLI-
ANCE FRAMEWORK 4
Original source
HOW DATABASE AUDITING AND
MONITORING FIT WITHIN A SOX
COMPLIANCE FRAMEWORK 4
3
Student paper
Database auditing and monitoring
Original source
Continuous Auditing and Monitoring
4
Student paper
SOX was passed to safeguard the
shareholders fraudulent practices
and accounting errors in enterprises,
the general public, and improve the
accuracy of corporate disclosures.
Original source
In 2002, the United States Congress
passed the Sarbanes-Oxley Act (SOX)
to protect shareholders and the gen-
eral public from accounting errors
and fraudulent practices in enter-
prises, and to improve the accuracy
of corporate disclosures (Groot,
2019)
8/2/2020 Originality Report
https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport/ultra?attemptId=1c1a1f2f-2c2c-4098-97c8-a022e777ddf7&course_id=_48137_1&i 3/3
Student paper 68%
intonenetworks 82%
home 87%
Student paper 84%
Student paper 71%
Student paper 83%
Student paper 65%
intonenetworks 73%
Student paper 65%
Student paper 74%
model160 87%
5
Student paper
(NAWA, 2007) The Sarbanes-Oxley
Act is known as the Public Company
Accounting Reform, and the Investor
Protection Act is a United States fed-
eral law, which sets standards for all
U.S.
Original source
The Sarbanes-Oxley Act of 2002, also
known as SOX or the Public Compa-
ny Accounting Reform and Investor
Protection Act, is federal law
6
Student paper
It sets deadlines for compliance and
publishes rules on requirements.
Original source
The act sets pre-defined deadlines
for compliance and publishes rules
on requirements
3
Student paper
(Pilewski, 2010 Sarbanes Oxley Advi-
sory services can help an organiza-
tion with the implementation and
maintenance of sustainable SOX 404
compliance programs through readi-
ness assessments, through docu-
mentation and testing assistance
and sustainability assessment.”
Original source
KPMG’s Sarbanes Oxley Advisory
Services (SOAS) can help an organi-
zation with the implementation and
maintenance of sustainable SOX 404
compliance programs through readi-
ness assessments, through docu-
mentation and testing assistance
and through sustainability
assessments
7
Student paper
Auditing and monitoring the data-
base system is essential to address
all five of the SOX regulations. A
comprehensive auditing strategy
tracks user activity, security changes,
schema modifications, and other
events that reveal potential and real
threats to security. Detailed auditing
is integral to meeting requirements
for internal control and assessing
those controls and their effective-
ness determination. Even though
this auditing level can affect re-
source requirements and perfor-
mance, it must be utilized to its
fullest to provide the necessary
controls.
Original source
Monitoring and auditing the data-
base systems is essential to address-
ing the SOX regulations A compre-
hensive auditing strategy tracks user
activity, data and schema modifica-
tions, security changes, and other
events, helping to reveal both real
and potential security threats “De-
tailed auditing is also integral to
meeting the requirements for inter-
nal controls and for assessing those
controls and determining their effec-
tiveness Although this level of audit-
ing can impact performance and re-
source requirements, it must be uti-
lized to its fullest to provide the nec-
essary controls
7
Student paper
Auditing solutions are available in a
significant database system of man-
agement and involves the ability to
generate comprehensive reports
and to set up alerts.
Original source
Fortunately, auditing solutions are
available in most major databases
management systems and include
the ability to set up alerts and gener-
ate comprehensive reports.”
8
Student paper
To comply with SOX, DBAs must en-
sure the availability, integrity, and
data security and environment.
Original source
DBAs must ensure the security and
the integrity of the data in order to
comply with SOX
9
Student paper
The Sarbanes Oxley Act needs finan-
cial statements to include a report
on internal control.
Original source
“The Sarbanes Oxley Act requires all
financial reports to include an Inter-
nal Controls Report
6
Student paper
An independent external SOX audi-
tor requires to assess policies, pro-
cedures, and controls during the au-
dit section. An audit will also consid-
er personnel, and staff may be inter-
viewed to confirm that their job de-
scriptions rematch their duties and
that they have needed the training
to access finance data safely.
Original source
An independent external SOX audi-
tor is required to review controls,
policies, and procedures during the
Section 404 audit An audit will also
look at people working at the firm
and may interview staff to confirm
that their duties correspond to their
job description and that they have
the required training to safely access
financial information
1
Student paper
SOX mandates the company’s com-
plete yearly audit, and it makes
those results suitable for any stake-
holders. Independent auditors are
hired to finish the SOX audits, which
must be disunited from any other
audit to anticipate a conflict of
interest.
Original source
SOX mandates companies complete
yearly audits and make those results
easily available to any stakeholders
Companies hire independent audi-
tors to complete the SOX audits,
which must be separate from any
other audits to prevent a conflict of
interest
1
Student paper
They can also confirm that compli-
ance controls are enough to main-
tain SOX compliance standards and
interview personnel.
Original source
Auditors can also interview person-
nel and verify that compliance con-
trols are sufficient to maintain SOX
compliance standards. (UpGuard,
2020)
10
Student paper
Sarbanes-Oxley Act of 2002 (SOX):
Original source
The Sarbanes-Oxley Act of 2002 8/2/2020 Originality Report
https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport/ultra?attemptId=1c1a1f2f-2c2c-4098-97c8-a022e777ddf7&course_id=_48137_1&i 1/3
%26
%11
SafeAssign Originality Report
Database Security – 202031 – CRN220 – Scavotto Week 12 Paper
%37Total Score: Medium risk
Vaishali Katherapalli
Submission UUID:86b53d9d-5283-0df7-d8dc-3c8373b210f4
Total Number of Reports
1
Highest Match
37 %
Week12Asst.docx
Average Match
37 %
Submitted on
08/02/20
02:25 PM EDT
Average Word Count
996
Highest:Week12Asst.docx
%37Attachment1
Institutional database(7)
Student paper Student paper Student paper
Student paper Student paper Student paper
Student paper
Internet(3)
intonenetworks home model160
Top sources(3)
Excluded sources(0)
View Originality Report – Old Design
Word Count:996
Week12Asst.docx
7 1 4
5 2 8
9
6 3 10
7 Student paper 1 Student paper 6 intonenetworks
Running Head: DATABASE AUDITING AND MONITORING FIT WITHIN A SOX COMPLIANCE FRAMEWORK. 1
DATABASE AUDITING AND MONITORING FIT WITHIN A SOX COMPLIANCE FRAMEWORK 4
Database auditing and monitoring
Students Name: Professors Name: Date:
Database Auditing and Monitoring Fit Within a SOX Compliance Framework Database auditing is the tracking of database, authority, and resources
utilization precisely, recording, and actions monitoring of the database user. It also helps one to comply with increasingly demanding compliance. It
involves observing a database to become aware of users of database actions. The administrators and consultants usually set up auditing for security
to make sure that those who do not have permission to have access to data do not access it. When one audits a database, each data operation can
be monitored and logged to an audit trail, which involves information on the database data recorded was interfered with, which account acted, and
the time the activity occurred. SOX was passed to safeguard the shareholders fraudulent practices and accounting errors in enterprises, the
general public, and improve the accuracy of corporate disclosures. (NAWA, 2007) The Sarbanes-Oxley Act is known as the Public Company Ac-
counting Reform, and the Investor Protection Act is a United States federal law, which sets standards for all U.S. public company boards.. It sets
deadlines for compliance and publishes rules on requirements. All companies that are public now must abide by SOX on the I.T side and financial
sides. The storage of corporate electronic records by I.T. departments changed as an outcome of SOX. This act does not specify the storage of
records by a company or establishes a set of business practices; it does not explain the length of the time for storage and which records should be
stored. For a corporation to abide by SOX, it must save all the records for the business, including electronic messages and electronic records, for
more than five years. The great plan of action for SOX compliance is to have controls of security that are correct in place to make sure that financial
data is protected against loss and accuracy. Relying on the appropriate tools and developing best practices helps the business to reduce SOX man-
1
2
3
4
5
6
https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport?attemptId=1c1a1f2f-2c2c-4098-97c8-a022e777ddf7&course_id=_48137_1&download=true&includeDeleted=true&print=true&force=true
8/2/2020 Originality Report
https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport/ultra?attemptId=1c1a1f2f-2c2c-4098-97c8-a022e777ddf7&course_id=_48137_1&i 2/3
Source Matches(15)
Student paper 100%
Student paper 96%
home 66%
Student paper 69%
agement costs and automate SOX compliance. (Pilewski, 2010 Sarbanes Oxley Advisory services can help an organization with the implementa-
tion and maintenance of sustainable SOX 404 compliance programs through readiness assessments, through documentation and testing assistance
and sustainability assessment.” Auditing and monitoring the database system is essential to address all five of the SOX regulations. A compre-
hensive auditing strategy tracks user activity, security changes, schema modifications, and other events that reveal potential and real threats to se-
curity. Detailed auditing is integral to meeting requirements for internal control and assessing those controls and their effectiveness determination.
Even though this auditing level can affect resource requirements and performance, it must be utilized to its fullest to provide the necessary controls.
Auditing solutions are available in a significant database system of management and involves the ability to generate comprehensive reports and to
set up alerts. To comply with SOX, DBAs must ensure the availability, integrity, and data security and environment. They must have effective
monitoring to guarantee the protection that is ongoing and meet the internal control requirements. The law of SOX does not specify how to go
about implementing all this., only that it needs to be done. For most database teams, what law requires, much of it is consistent with management
best practices they already have in place and security. Complying with the law of SOX can be a complicated process. And the database team should
work closely with other organizations to make sure nothing slips through the cracks and that all regulations are met. Those involved in planning a
compliance strategy must fully grasp how regulations work and the implications for being out of compliance. The Sarbanes Oxley Act needs fi-
nancial statements to include a report on internal control. This illustrates that the organization’s information on the financial statement is correct,
and proper controls are in place to safeguard financial information. An independent external SOX auditor requires to assess policies, proce-
dures, and controls during the audit section. An audit will also consider personnel, and staff may be interviewed to confirm that their job descrip-
tions rematch their duties and that they have needed the training to access finance data safely. (“SOX audits) ‘Auditors must ensure that the popula-
tion and any sample have originated in the current fiscal year. Samples taken from the previous year cannot prove that the controls are effective at
the time of the audit. The most significant component of the SOX compliance audit is to review an organizations internal controls. They include all
computers, electronic equipment, network hardware, and I.T.
3
7
8
9
6
assets. SOX mandates the company’s complete yearly audit, and it makes those results suitable for any stakeholders. Independent auditors are
hired to finish the SOX audits, which must be disunited from any other audit to anticipate a conflict of interest. The fundamental reason for the SOX
compliance audit is the financial statement verification of a company. This auditor compares current statements to past statements and determines
if everything is agreeable. They can also confirm that compliance controls are enough to maintain SOX compliance standards and interview per-
sonnel. As we conclude, we should know that SOX is a good business practice but not just a legal obligation. Organizations should restrict access to
financial systems and behave ethically. The implication of SOX financial security controls has the side benefits of safeguarding the company for cy-
ber attackers stealing their private data.
References
Pilewski, B. A. (2010). Sarbanes-Oxley Act of 2002 (SOX): Compliance. Encyclopedia of Information Assurance, 2575-2581. doi:10.1081/e-eia-
120046849
NAWA, K. (2007). Sequestered science and SOX act for scientific research. Journal of Information Processing and Management, 50(6), 367-368.
doi:10.1241/johokanri.50.367
SOX audits. (n.d.). Internal Audit Handbook, 389-401. doi:10.1007/978-3-540-70887-2_22
1
1
10
1
Student paper
DATABASE AUDITING AND MONI-
TORING FIT WITHIN A SOX COMPLI-
ANCE FRAMEWORK.
Original source
Database auditing and monitoring fit
within a SOX compliance framework
2
Student paper
DATABASE AUDITING AND MONI-
TORING FIT WITHIN A SOX COMPLI-
ANCE FRAMEWORK 4
Original source
HOW DATABASE AUDITING AND
MONITORING FIT WITHIN A SOX
COMPLIANCE FRAMEWORK 4
3
Student paper
Database auditing and monitoring
Original source
Continuous Auditing and Monitoring
4
Student paper
SOX was passed to safeguard the
shareholders fraudulent practices
and accounting errors in enterprises,
the general public, and improve the
accuracy of corporate disclosures.
Original source
In 2002, the United States Congress
passed the Sarbanes-Oxley Act (SOX)
to protect shareholders and the gen-
eral public from accounting errors
and fraudulent practices in enter-
prises, and to improve the accuracy
of corporate disclosures (Groot,
2019)
8/2/2020 Originality Report
https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport/ultra?attemptId=1c1a1f2f-2c2c-4098-97c8-a022e777ddf7&course_id=_48137_1&i 3/3
Student paper 68%
intonenetworks 82%
home 87%
Student paper 84%
Student paper 71%
Student paper 83%
Student paper 65%
intonenetworks 73%
Student paper 65%
Student paper 74%
model160 87%
5
Student paper
(NAWA, 2007) The Sarbanes-Oxley
Act is known as the Public Company
Accounting Reform, and the Investor
Protection Act is a United States fed-
eral law, which sets standards for all
U.S.
Original source
The Sarbanes-Oxley Act of 2002, also
known as SOX or the Public Compa-
ny Accounting Reform and Investor
Protection Act, is federal law
6
Student paper
It sets deadlines for compliance and
publishes rules on requirements.
Original source
The act sets pre-defined deadlines
for compliance and publishes rules
on requirements
3
Student paper
(Pilewski, 2010 Sarbanes Oxley Advi-
sory services can help an organiza-
tion with the implementation and
maintenance of sustainable SOX 404
compliance programs through readi-
ness assessments, through docu-
mentation and testing assistance
and sustainability assessment.”
Original source
KPMG’s Sarbanes Oxley Advisory
Services (SOAS) can help an organi-
zation with the implementation and
maintenance of sustainable SOX 404
compliance programs through readi-
ness assessments, through docu-
mentation and testing assistance
and through sustainability
assessments
7
Student paper
Auditing and monitoring the data-
base system is essential to address
all five of the SOX regulations. A
comprehensive auditing strategy
tracks user activity, security changes,
schema modifications, and other
events that reveal potential and real
threats to security. Detailed auditing
is integral to meeting requirements
for internal control and assessing
those controls and their effective-
ness determination. Even though
this auditing level can affect re-
source requirements and perfor-
mance, it must be utilized to its
fullest to provide the necessary
controls.
Original source
Monitoring and auditing the data-
base systems is essential to address-
ing the SOX regulations A compre-
hensive auditing strategy tracks user
activity, data and schema modifica-
tions, security changes, and other
events, helping to reveal both real
and potential security threats “De-
tailed auditing is also integral to
meeting the requirements for inter-
nal controls and for assessing those
controls and determining their effec-
tiveness Although this level of audit-
ing can impact performance and re-
source requirements, it must be uti-
lized to its fullest to provide the nec-
essary controls
7
Student paper
Auditing solutions are available in a
significant database system of man-
agement and involves the ability to
generate comprehensive reports
and to set up alerts.
Original source
Fortunately, auditing solutions are
available in most major databases
management systems and include
the ability to set up alerts and gener-
ate comprehensive reports.”
8
Student paper
To comply with SOX, DBAs must en-
sure the availability, integrity, and
data security and environment.
Original source
DBAs must ensure the security and
the integrity of the data in order to
comply with SOX
9
Student paper
The Sarbanes Oxley Act needs finan-
cial statements to include a report
on internal control.
Original source
“The Sarbanes Oxley Act requires all
financial reports to include an Inter-
nal Controls Report
6
Student paper
An independent external SOX audi-
tor requires to assess policies, pro-
cedures, and controls during the au-
dit section. An audit will also consid-
er personnel, and staff may be inter-
viewed to confirm that their job de-
scriptions rematch their duties and
that they have needed the training
to access finance data safely.
Original source
An independent external SOX audi-
tor is required to review controls,
policies, and procedures during the
Section 404 audit An audit will also
look at people working at the firm
and may interview staff to confirm
that their duties correspond to their
job description and that they have
the required training to safely access
financial information
1
Student paper
SOX mandates the company’s com-
plete yearly audit, and it makes
those results suitable for any stake-
holders. Independent auditors are
hired to finish the SOX audits, which
must be disunited from any other
audit to anticipate a conflict of
interest.
Original source
SOX mandates companies complete
yearly audits and make those results
easily available to any stakeholders
Companies hire independent audi-
tors to complete the SOX audits,
which must be separate from any
other audits to prevent a conflict of
interest
1
Student paper
They can also confirm that compli-
ance controls are enough to main-
tain SOX compliance standards and
interview personnel.
Original source
Auditors can also interview person-
nel and verify that compliance con-
trols are sufficient to maintain SOX
compliance standards. (UpGuard,
2020)
10
Student paper
Sarbanes-Oxley Act of 2002 (SOX):
Original source
The Sarbanes-Oxley Act of 2002
