
	Home > SOX, security standards and building a compliance framework

Compliance School:

LICENSING & REPRINTS

SOX, security standards and building a compliance framework

01 Feb 2006

Digg This!

StumbleUpon Toolbar

StumbleUpon

Del.icio.us

About Compliance School

In Compliance School, guest instructor Richard Mackey shows you exactly what you need to do to meet regulations' ongoing demands and arms you with actionable items to ensure your business remains continuously compliant. Best of all you can attend any of the following on-demand lessons when it's most convenient for you:

Ensuring compliance across the extended enterprise

Compliance improvement: Get better as you go forward

Gauging your SOX progress

SOX compliance basics: Taking Action

Understanding
compliance-related technology

Compliance with the Sarbanes-Oxley Act (SOX) is a major part of today's corporate culture. The threat of non-compliance, its financial headaches, and worse yet, the spectre of legal penalties to the highest levels of a corporation, appear to have achieved one of the Act's goals. Organizations take compliance very seriously.

Not surprisingly, this pressure on corporate executives flows downhill and projects a significant burden on finance departments and IT. However, while corporate finance groups may have a relatively easy time understanding the checks, balances and documentation required to prove accurate accounting, they do not typically understand the impact of IT controls on these activities. Worse yet, the rank and file of IT departments typically do not deeply involve themselves in corporate business practices, instead focusing on the operation of systems rather than their role in accurate reporting. The disjoint nature of the two disciplines is counter to the requirements of SOX. Both IT and corporate finance need to work together to ensure and demonstrate that financial, corporate and technological controls work effectively to provide accurate financial reporting.

One of the most important elements of SOX compliance is providing evidence that the financial applications and supporting systems and services are adequately secured to ensure that financial reports can be trusted. This places a special burden on IT security departments. They need to understand which systems, services and processes need to be controlled, which aspects of security are most critical to compliance and what it takes to demonstrate that their company is in compliance.

This article provides a brief introduction to dealing with the challenges that face IT security, including:

Home: Introduction
Step 1: Understanding compliance -- Financial and technical standards
Step 2: Scope of compliance
Step 3: Establishing an IT Control Framework
Step 4: Detailed objectives and policies
Step 5: Measuring compliance
Step 6: Managing and tracking compliance
Step 7: The changing nature of compliance

Digg This!

StumbleUpon Toolbar

StumbleUpon

Del.icio.us

RELATED RESOURCES

	2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
	Search Bitpipe.com for the latest white papers and business webcasts
	Whatis.com, the online computer dictionary

TechTarget Security Media

Information Security

View this month\\'s issue and subscribe today.

Information Security Decisions

Apply online for free conference admission.

SearchSecurity.com

SEARCH :

Advanced Search | Site Index

Powered by:

About Us | Contact Us | For Advertisers | For Business Partners | Site Index | RSS

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.


TechTarget Corporate Web Site \| Media Kits \| Reprints \| Site Map All Rights Reserved, Copyright 2003 - 2008, TechTarget \| Read our Privacy Policy