The Sarbanes-Oxley Act of 2002 requires that public companies implement IT controls to assure the accuracy of company financial records. These controls must include IT processes that provide for the security of data, central management of user accounts and the ability to audit and report on both internal and external file transfers. This article focuses on ways in which you can configure your FTP server to be Sarbanes-Oxley compliant.

http://www.jscape.com/secureftpserver/10_steps_to_make_your_FTP_server_Sarbanes-Oxley-compliant.html