Home > Security Tips > Tech Tips > Outfox SOX: How to make regulations work for you
Security Tips:
EMAIL THIS
 TIPS & NEWSLETTERS TOPICS 

TECH TIPS

Outfox SOX: How to make regulations work for you


Daniel Blum
05.09.2005
Rating: -4.50- (out of 5)


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


The following presentation was given at Information Security Decisions Spring 2005 in Chicago.

The mere mention of Sarbanes-Oxley is enough to give security managers headaches. However, even if you're not on the hook for compliance, this session reveals what you should have been doing all along -- even before the law went into effect. Designed to prevent corporate fraud and accounting abuses, the law mandates that companies "ensure the integrity of their data." That's no easy task. What the regulation actually calls for is a matter of great debate and has caused tremendous confusion for those responsible for designing and implementing security compliance plans. Complicating matters is a lack of guidance from the government on compliance standards, differing expectations among auditors and a sea of ambiguous information from product vendors.

Daniel Blum, a senior VP and research director at the Burton Group, demystifies Sarbanes-Oxley by explaining its application to security in practical terms. Blum details the mistakes enterprises have made -- and shows you how to avoid making them same errors -- and then shares the successes they achieved in the first round of compliance. He also outlines compliance strategies and methodologies and discusses the tools that will help enterprises maintain and demonstrate compliance.

View the presentation

Visit our Sarbanes-Oxley resource center

Rate this Tip
To rate tips, you must be a member of SearchSecurity.com.
Register now to start rating these tips. Log in if you are already a member.




BROWSE BY TAG
Sarbanes-Oxley Act,   Infosec-Related Regs,   Compliance,   Tech Tips,   Security Audit, Compliance and Standards,   Sarbanes-Oxley Act,   VIEW ALL TAGS

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED CONTENT
Sarbanes-Oxley Act
Defining adequate security controls
Ongoing SOX compliance: A security team's to-do list
SOX Compliance for the Security Practitioner
Define security's role in the regulatory process
CSO INTERVIEW: Regulatory pain is a two-way street
SOX 404 compliance: Efficiency is key
Security compliance - Separating FUD from reality, part one: Sarbanes-Oxley
The real deal with Sarbanes-Oxley: Perspectives for the security manager

Tech Tips
Video: The foundation of an email security strategy
The 5 A's of functional SAN security
Effective storage security policies
Smart options for safeguarding stored data
Roberta Bragg's 10 Windows hardening tips in 10 minutes
Using free network intrusion detection and prevention tools to stop hacks
Hacker techniques and exploits: Prevent system fingerprinting, probing
How to stop hacker theft: Employee awareness, risk assessment policies
Information Security Decisions Fall 2004: Speaker presentations
Expert advice: Does two-factor authentication protect you from hackers?

Sarbanes-Oxley Act
SOX compliance burdens midmarket security teams
Ex-SEC chief Pitt decries state of Sarbanes-Oxley, risk management
Information security book excerpts and reviews
Internal audits for Sarbanes Oxley and internal IT support
Internal auditors and CISOs mitigate similar risks
Implement security and compliance in a risk management context
Does password sharing in international branches violate SOX?
Consensus Controls project aims to set benchmarks for compliance
Security visualization helps make log files work
The Little Black Book of Computer Security, 2nd Edition
Sarbanes-Oxley Act Research

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary

DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.



Research Solutions for Network Security, Access Control and Security Threats
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts