With a streamlined Org and an intelligent change management process, you're well on your way to audit readiness. In our final presentation, what we're calling "When Salesforce Meets SOX", we look at what's typically in scope for a Salesforce audit; how to design detective controls to protect your most sensitive data; and how to produce ITGC-compliant reporting and audit logs.

Please note that when we say Salesforce meets SOX, we're talking compliance in general — including FDA compliance and other privacy regulations. It's not about just making your Org compliant, but making your processes for managing your Org compliant with the best industry practices and standards

Agenda

• What is typically in scope for audit?
• ITGC
• CPQ: blocking and detective controls for config data
• Audit log reporting and reconciliation