Learning Guide: SOX Compliance for the Security Practitioner

Internal controls and section 404

Return to Table of Contents

• Article: SEC: 404 budgets filled with waste
• Article: Regulatory compliance in the real world
• Tip: SOX 404 compliance: Efficiency is key
• Tip: Keeping SOX 404 under control(s)
• Expert advice: Does SOX (under Section 404) mandate that we archive e-mail?
• Expert Advice: Defining "internal controls" under Sarbanes-Oxley

Steps for compliance

Return to Table of Contents

• Article: Sarbanes-Oxley Act: Steps toward coming into compliance
• Tip: Five steps for SOX compliance
• Tip: Getting compliance right
• Tip: Getting your regulatory priorities in order
• Tip: Complying with multiple regulations and contending with conflicts
• Tip: Does your organization need a CCO?
• Tip: Best practices for managing compliance with security standards
• Book Chapter: Ensure that legal responsibilities are clear -- Especially when trouble strikes
• Conference Presentation: The 5 pillars of successful compliance
• Conference Presentation: Standards-based compliance: A how-to guide

Audit preparation

Return to Table of Contents

• Article: Reporter's Notebook: Why failing an audit can lead to success
• Article: Active Directory getting critical look from regulators
• Article: Cheat sheet: 10 ways to prep for auditors
• Article: Risk management for dummies
• Article: Report: IT shops lax about logging
• Tip: The future role of the CISO: Keeping auditors at bay
• Tip: Best practices for choosing an outside IT auditor
• Tip: Best practices for managing compliance with security standards
• Tip: Passing a SOX audit: Lessons learned from an information security professional
• Conference Presentation: Define security's role in the regulatory process
• Conference Presentation: Standards-based compliance: A how-to guide

SOX compliance product guide

Return to Table of Contents

• Tip: SOX-in-a-box: One size does not fit all when it comes to compliance
• Advice: Log analyzer software
• Review: Elemental Compliance System 1.1 innovative, solid
• Review: Polivec Compliance Management System 3.7
• Conference Presentation: Separating fact from fiction: Security technologies for regulatory compliance

The bottom line: Violations and repercussions

Return to Table of Contents

• Article: 'Typical' SOX violations
• Tip: Will the 'regulatory police' be knocking on your door?
• Tip: A closer look at Sarbanes-Oxley violations
• Advice: Examples of Sarbanes-Oxley violations

More security learning resources

Return to Table of Contents

	SECURITY SCHOOL		LEARNING GUIDES		CHECKLISTS		GLOSSARY		ASK THE EXPERTS

BROWSE BY TAG Security Audit, Compliance and Standards,   Sarbanes-Oxley Act,   VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Sarbanes-Oxley Act SOX compliance burdens midmarket security teams Ex-SEC chief Pitt decries state of Sarbanes-Oxley, risk management Information security book excerpts and reviews Internal audits for Sarbanes Oxley and internal IT support Internal auditors and CISOs mitigate similar risks Implement security and compliance in a risk management context Does password sharing in international branches violate SOX? Consensus Controls project aims to set benchmarks for compliance Security visualization helps make log files work The Little Black Book of Computer Security, 2nd Edition Sarbanes-Oxley Act Research

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary