Demonstrating SOX Compliance is Still Too Manual
Sarbanes-Oxley IT compliance has driven public companies and their vendors to adopt stringent IT controls based on ITIL, COBiT, COSO, ISO 17799, BS-7799 and other best-practice frameworks for IT operations and security. Demonstrating these controls has become a huge burden for IT operations, inundating them with ad hoc requests for reports on everything from firewall to wireless access point activity. The technologies used to implement these different controls all log in different locations and formats and produce massive volumes of data. Administrators need to log into different servers and tools and write one-off scripts to satisfy auditor requests. Additionally the routine review of log data takes hours of manual analysis every day.
Automate Reporting, Respond Immediately to Auditor Requests
Splunk indexes all of the data that is generated by every technology deployed for SOX compliance to enable instantaneous retrieval of any information that IT auditors request. You can schedule searches and reports and add them to dashboards to automate the verification of control effectiveness. An intuitive web interface, automated classification and interactive filters and histograms automate and improve the effectiveness of daily log review controls, saving hours per day and eliminating significant operational and security risk.