Salesforce and SOX: Beyond the Audit Trail

Salesforce is a famously versatile, highly customizable platform. Which is great if you’re a growing company looking for a platform that will grow alongside you. But if you’re an auditor looking to see tight controls over critical configuration changes and user access, the ease with which metadata and configuration data in the system can be changed is cause for concern. Salesforce’s Audit Trail and Field History Tracking tools offer a variety of solutions for this problem. Using them, and a considerable amount of manual work, you can get very close to producing change reports that will make your auditors happy. But audit requirements — primarily for SOX, but also for industry-specific compliance standards — are changing. Auditors are becoming more familiar with the platform and asking to see more detailed reporting. What's On the Agenda? In this webinar, we’ll show you how to start prepping for audit using the Salesforce Audit Trail and Field History Tracking. Then, we’ll cover the four main gaps they leave, and how third-party tools like Strongpoint help close them: - Access controls: Taking a deep dive into roles and permission sets - Scope: Keeping tabs on what’s in scope for SOX and ignoring what's not - Change logs: Tying completed changes back to an originating request - Configuration data: Controlling for changes to critical configuration data (such as CPQ)