The Sarbanes-Oxley Act (SOX) of 2002 applies in-part to accounting systems and data, and it imposes a list of objectives designed to ensure the integrity of financial reports published by publicly traded businesses. Cloud hosting providers must provide documentation into their internal SOX controls in order to ensure the integrity of the cloud based financial system.
Providers of cloud based financials must be able to provide documentation that internal controls are in place at the accounting data centers and within their internal operations to satisfy SOX cloud requirements.
A full service cloud application hosting provider will provide auditors with documentation of their own internal controls regarding Change Management, Logical Access Restrictions, Physical Security, IT Operations, and Backup & Recovery. You can learn more about these internal controls for cloud services providers in this SOX Cloud Requirements eBook.