-
SOX reality check: Provisioning systems
This article provides you with insight into compliance-related products for account lifecycle management, reporting and review, and workflow and approvals. Compliance School
-
SOX reality check: Policy tools
This article provides an overview of policy sets and audit tools, and teaches you how to use standards as a guide for developing policies. Compliance School
-
SOX, security standards and building a compliance framework
This article provides a brief introduction to dealing with the challenges that face IT security in complying with SOX. Compliance School
-
Step 1: Understanding compliance -- Financial and technical standards
Compliance School
-
Step 5: Measuring compliance
Compliance School
-
Step 6: Managing and tracking compliance
Compliance School
-
Step 2: Scope of compliance
Compliance School
-
SearchSecurity.com's top clicks of 2005
SearchSecurity.com's top five tips, news articles and learning tools from 2005. Top clicks of 2005
-
Introduction to COBIT for SOX compliance
The Sarbanes-Oxley Act does not detail compliance requirements for IT, so many enterprises and auditors have adopted the standard COBIT, introduced here. Book Chapter
-
SOX Compliance for the Security Practitioner
This collection of resources offers security managers in-depth information to help keep their organization compliant with the Sarbanes-Oxley (SOX) Act. Learn how security practitioners are handling SOX compliance, financial woes, internal controls, a... Learning Guide
- See More: Essential Knowledge on Sarbanes-Oxley Act
-
Audit requirements drive demand for privileged account management
SOX compliance requirements and data security concerns are accelerating growth of the privileged account management market Article | 21 Aug 2009
-
Ex-SEC chief Pitt decries state of Sarbanes-Oxley, risk management
Former SEC chairman Harvey Pitt has a blunt assessment of SOX as well as the current state of the regulatory system, calling it "badly broken." News | 05 Jun 2009
-
Consensus Controls project aims to set benchmarks for compliance
The Consensus Controls project aims to provide organizations with a peer review system for IT controls. Article | 03 Oct 2008
-
Security visualization helps make log files work
Using visualization tools, security pros can build charts and graphs to make sense of complex log files and data and improve their company's security stance. Article | 28 Aug 2008
-
RSA attendees see data classification, rights management projects stumble
SAN FRANCISCO -- Companies need to embark on data classification projects to gain more control over its movement and minimize data leakage, but it's difficult to find a company successfully carrying out a project. Rena Mears, Deloitte's global and U.... Interview | 10 Apr 2008
-
Hannaford breach illustrates dangerous compliance mentality
As Executive Editor Dennis Fisher explains, the Hannaford supermarket breach illustrates how too much emphasis on compliance puts critical data at risk. Column | 02 Apr 2008
-
PCI compliance drives identity management spending, says IBM's GRC chief
Kristin Lovejoy came to IBM as chief technology officer of Consul Risk Management, which was acquired by Big Blue in early 2007. Lovejoy helps contribute to IBM's company-wide security strategy, overseeing the company's governance, risk and complianc... Interview | 19 Feb 2008
-
SEC: 404 budgets filled with waste
The SEC slaps the hand of public accounting firms -- and tells C-level execs to get a better grip on SOX 404 requirements. Article | 16 Jan 2008
-
Sarbanes-Oxley testing cuts could mean cost cuts
Technology that could help public companies reduce their compliance activities is being embedded in SOX-compliant software. But to work, experts say external auditors must be on board. Article | 16 Jan 2008
-
IBM to boost security spending, push PCI DSS program
IBM plans to invest $1.5 billion on security research in 2008. The company is also using recent acquisitions to introduce a PCI DSS program. Article | 01 Nov 2007
- See More: News on Sarbanes-Oxley Act
-
SOX compliance checklist: Five ways to refine a SOX compliance program
SOX compliance is still too burdensome for many enterprises. Expert Charles Denyer offers five ways to streamline a lagging SOX compliance program. Tip
-
Frameworks to support SOX compliance requirements
Enterprises have had to deal with SOX regulatory compliance for several years, but many lack clear direction that will address SOX compliance requirements from an IT process perspective. Learn how enterprises can use IT and security tools within COSO... Tip
-
The Little Black Book of Computer Security, 2nd Edition
In an online excerpt of The Little Black Book of Computer Security, expert author Joel Dubin reviews how to prepare for today's most important compliance requirements. Tip
-
SureWest makes the call on SOX compliance
This case study reveals how SureWest ensures financial applications, systems and services are secure so financial reports can be trusted. Tip
-
Maintaining compliance in a world of constant change
Robert Childs examines four steps information security practitioners can take to ensure that their compliance efforts are maintained and kept up-to-date. Tip
-
COSO and COBIT: The value of compliance frameworks for SOX
In an attempt to blaze a path through the myriad of compliance regulations and requirements, organizations are looking to frameworks like COSO and COBIT. In this tip, contributor Mike Rothman examines these compliance paradigms and offers insights on... Tip
-
SOX compliance: Building a directory services model for adequate access controls
Using meta-directories for authentication and access control puts data at risk, but they can be useful in obtaining the granular control of service directories required for compliance. Tip
-
Defining adequate security controls
Because of the changing nature of technology, the language in the Sarbanes-Oxley Act is purposefully vague. This article explores the meaning of adequate security controls and what is required for SOX compliance. Tip
-
Compliance guide for managers: Lessons learned and best decisions
Compliance guide for managers: Lessons learned and best decisions Tip
-
Become compliant -- without breaking the bank
Re-use your existing tools to meet regulatory demands. Tip
- See More: Tips on Sarbanes-Oxley Act
-
SOX data retention policies: What to do with old software archives
What do you do when sensitive data is stored on old versions of software? In this expert response, Ernie Hayden discusses how to make sure you retain data correctly for Sarbanes Oxley compliance purposes. Ask the Expert
-
Technology to automate SOX compliance according to COBIT frameworks
How effective are automated compliance solutions at easing a enterprise's compliance burden? In this expert response, learn what resources can be most helpful for your enterprise when complying with SOX. Ask the Expert
-
Is Word document-comparison software SOX compliant?
The SOX audit process can be daunting, especially when it comes to finding SOX-compliant software. In this expert response, learn whether Word document-comparison software is SOX compliant. Ask the Expert
-
Internal audits for Sarbanes Oxley and internal IT support
Under SOX, is internal IT support allowed to access security systems? Read this response from security management expert David Mortman. Ask the Expert
-
Does password sharing in international branches violate SOX?
Does password sharing in a company's international branch violate Sarbanes Oxley compliance? Learn enterprise password management solutions for international companies. Ask the Expert
-
Does SOX provision email archiving?
Although SOX may lack specificity regarding certain controls, it does have clear mandates for email retention. Ask the Expert
-
How to conduct an efficient and thorough employee access review
In order to meet HIPAA and SOX compliance requirements, an employee access review is necessary. Ask the Expert
-
What types of software can help a company perform a security risk assessment?
Security management expert Mike Rothman unveils what kind of software is on the market to help assist a company in the risk assessment process. Ask the Expert
-
How should termination procedures address a user's multiple roles?
In this SearchSecurity.com Q&A, expert Joel Dubin explains how the right access management tools can eliminate all traces of a terminated employee. Ask the Expert
-
Is the Sarbanes-Oxley Act being enforced?
What actions are being taken to enforce the Sarbanes-Oxley Act? In this SearchSecurity.com Q&A, Mike Rothman discusses the regulations and precautions needed to ensure company compliance. Ask the Expert
- See More: Expert Advice on Sarbanes-Oxley Act
-
SOX compliance checklist: Five ways to refine a SOX compliance program
SOX compliance is still too burdensome for many enterprises. Expert Charles Denyer offers five ways to streamline a lagging SOX compliance program. Tip
-
Information security book excerpts and reviews
Visit the Information Security Bookshelf for book reviews and free chapter downloads. Information Security Book
-
Frameworks to support SOX compliance requirements
Enterprises have had to deal with SOX regulatory compliance for several years, but many lack clear direction that will address SOX compliance requirements from an IT process perspective. Learn how enterprises can use IT and security tools within COSO... Tip
-
SOX data retention policies: What to do with old software archives
What do you do when sensitive data is stored on old versions of software? In this expert response, Ernie Hayden discusses how to make sure you retain data correctly for Sarbanes Oxley compliance purposes. Ask the Expert
-
Technology to automate SOX compliance according to COBIT frameworks
How effective are automated compliance solutions at easing a enterprise's compliance burden? In this expert response, learn what resources can be most helpful for your enterprise when complying with SOX. Ask the Expert
-
Audit requirements drive demand for privileged account management
SOX compliance requirements and data security concerns are accelerating growth of the privileged account management market Article
-
Is Word document-comparison software SOX compliant?
The SOX audit process can be daunting, especially when it comes to finding SOX-compliant software. In this expert response, learn whether Word document-comparison software is SOX compliant. Ask the Expert
-
Ex-SEC chief Pitt decries state of Sarbanes-Oxley, risk management
Former SEC chairman Harvey Pitt has a blunt assessment of SOX as well as the current state of the regulatory system, calling it "badly broken." News
-
Internal audits for Sarbanes Oxley and internal IT support
Under SOX, is internal IT support allowed to access security systems? Read this response from security management expert David Mortman. Ask the Expert
-
Does password sharing in international branches violate SOX?
Does password sharing in a company's international branch violate Sarbanes Oxley compliance? Learn enterprise password management solutions for international companies. Ask the Expert
- See More: All on Sarbanes-Oxley Act
About Sarbanes-Oxley Act
In this guide experts define the Sarbanes-Oxley Act of 2002 (SOX) and offer information on guidelines and regulations, penalties, compliance, audits, violations and section 404 and section 302.