Canonical FrameworkCompliance & Audit

SOX ITGC

SOX ITGC control-mapping starter for systems supporting financial reporting. It references logical access, change management, operations, backup, audit evidence, and segregation-of-duties topics, with configurable gateway controls where applicable and separate ownership for broader IT controls.

This template is a configurable starting point and control mapping. It is not certification, legal advice, or a guarantee of compliance; validate it against your obligations and environment before use.

Regions

US

References

3 references

Mapped Control Domains

6 mapped domains

Deployment

Regulated SaaS, Private Cloud

Referenced Frameworks, Standards & Obligations

Sarbanes-Oxley Act §302 and §404COSO Internal Control FrameworkPCAOB AS 2201

Mapped Control Domains

Access Control
Change Management
Audit Logging
Data Integrity
Segregation Of Duties
Data Backup

Deployment profiles

Regulated SaaS
Private Cloud

Get started in 3 steps

1

Open the template

Open the catalog entry in the Keeptrusts console and review its included controls, references, and deployment metadata.

2

Adapt the configuration

Use the template as a starting point, then adjust relevant policies, thresholds, routing, and review settings for your requirements.

3

Validate before rollout

Test every outcome you configure—such as allow, redact, block, or operator review—before deploying through a supported gateway workflow.