Smart Phone Compliance 2754

  • Are there any SOX requirements regarding smart phone compliance on devices such as blackberry, iPhone, palm pre, etc.?
    These carry e-mail which coud contain financial data theoretically, therefore does SOX apply rules regarding how they must be secured in terms of PIN protection, remote wiping, encryption, etc.?
    Any information would be greatly appreciated.

  • No SOX sets no requirements on anything this specific.

  • Agree with Denis - as being outside scope of SOX 404 … Still, as this technology advances it’s something to keep an eye on. As SOX is a self regulatory risk assessment exercise for minimum standards, you can certainly always go the 2nd mile in ensuring policies and procedures are in place (ensuring that financial info is protected in these environment as well) … It’s outside the scope of SOX but well worth doing 🙂

Log in to reply