Resources for Sarbanes-Oxley (SOX)

Build an IT Structure for Compliance

redmondmag.com

There was a time when IT simply kept systems and apps running-"keeping the lights on," as the saying goes. As those systems became more tightly integrated with business operations and critical to their success, systems and software became indispensable. With widespread access, however, any critical data and its processing systems were made vulnerable to subversion by error, omission or malice. This was the genesis of compliance.

Generally speaking, compliance efforts ensure that an organization actually does what it says it's going to do, and that those actions have the intended results. Ideally, any measured activities map directly to a policy or regulatory requirement. Compliance measurements look at systems and networks to ensure that they're configured to fulfill policy requirements. They can also look at actions by individual users, and log those actions to generate analyses and reports. The business goals include assurance of system and information security, authorization and forensics.

View the Resource

Share or bookmarklet this web page at: