SOX, security standards and building a compliance framework

01 Feb 2006

About Compliance School

In Compliance School, guest instructor Richard Mackey shows you exactly what you need to do to meet regulations' ongoing demands and arms you with actionable items to ensure your business remains continuously compliant. Best of all, you can attend any of the following on-demand lessons when it's most convenient for you:

Ensuring compliance across the extended enterprise

Compliance improvement: Get better as you go forward

Gauging your SOX progress

SOX compliance basics: Taking Action

Understanding compliance-related technology

Compliance with the Sarbanes-Oxley Act (SOX) is a major part of today's corporate culture. The threat of non-compliance, its financial headaches, and worse yet, the spectre of legal penalties to the highest levels of a corporation, appear to have achieved one of the Act's goals. Organizations take compliance very seriously.

Not surprisingly, this pressure on corporate executives flows downhill and places a significant burden on finance departments and IT. However, while corporate finance groups may have a relatively easy time understanding the checks, balances and documentation required to prove accurate accounting, they do not typically understand the impact of IT controls on these activities. Worse yet, the rank and file of IT departments typically do not deeply involve themselves in corporate business practices, focusing on the operation of systems rather than on their role in accurate reporting. This disconnect between the two disciplines runs counter to the requirements of SOX. IT and corporate finance need to work together to ensure and demonstrate that financial, corporate and technological controls work effectively to provide accurate financial reporting.

One of the most important elements of SOX compliance is providing evidence that the financial applications and supporting systems and services are adequately secured to ensure that financial reports can be trusted. This places a special burden on IT security departments. They need to understand which systems, services and processes need to be controlled, which aspects of security are most critical to compliance and what it takes to demonstrate that their company is in compliance.

This article provides a brief introduction to dealing with the challenges that face IT security, including:

Home: Introduction
Step 1: Understanding compliance -- Financial and technical standards
Step 2: Scope of compliance
Step 3: Establishing an IT Control Framework
Step 4: Detailed objectives and policies
Step 5: Measuring compliance
Step 6: Managing and tracking compliance
Step 7: The changing nature of compliance


All Rights Reserved, Copyright 2003 - 2009, TechTarget