Security Basics mailing list archives
RE: SOX Standard - Where and How to Start ?
From: Craig Wright <Craig.Wright () bdo com au>
Date: Mon, 19 May 2008 14:56:33 +1000
ISACA have a SOX Compliance document aligning COBIT to SOX. Basically, what matters is integrity and most critically - proving it. This means: A secure system Logging AND Monitoring Non-repudiation of events Change control ... What is generally forgotten in the 302/404 rush is the need to also ensure 802 and 1102, these are to do with document handling and evidence. Regards, Dr Craig Wright (GSE-Compliance) Craig Wright Manager, Risk Advisory Services Direct : +61 2 9286 5497 Craig.Wright () bdo com au +61 417 683 914 BDO Kendalls (NSW-VIC) Pty. Ltd. Level 19, 2 Market Street Sydney NSW 2000 GPO BOX 2551 Sydney NSW 2001 Fax +61 2 9993 9497 http://www.bdo.com.au/ The information in this email and any attachments is confidential. If you are not the named addressee you must not read, print, copy, distribute, or use in any way this transmission or any information it contains. If you have received this message in error, please notify the sender by return email, destroy all copies and delete it from your system. Any views expressed in this message are those of the individual sender and not necessarily endorsed by BDO Kendalls. You may not rely on this message as advice unless subsequently confirmed by fax or letter signed by a Partner or Director of BDO Kendalls. It is your responsibility to scan this communication and any files attached for computer viruses and other defects. BDO Kendalls does not accept liability for any loss or damage however caused which may result from this communication or any files attached. A full version of the BDO Kendalls disclaimer, and our Privacy statement, can be found on the BDO Kendalls website at http://www.bdo.com.au/ or by emailing mailto:administrator () bdo com au. BDO Kendalls is a national association of separate partnerships and entities. Liability limited by a scheme approved under Professional Standards Legislation. -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Mohamed Farid Sent: Sunday, 18 May 2008 5:29 PM To: security-basics () securityfocus com Subject: SOX Standard - Where and How to Start ? Dear All : My company is asking me to study the SOX compliance - and to make a gap analysis for the current situation and the standard situation . The problem is that I can't find a good guide for the SOX requirements - and I am stuck between a lot of readings and a lot of white papers which are leading me to nothing . Can you help me to find a way to start ? Advise me what should I read ? and how can I get the requirements ? Thanks ,,, ine a?i???
Current thread:
- SOX Standard - Where and How to Start ? Mohamed Farid (May 18)
- RE: SOX Standard - Where and How to Start ? Craig Wright (May 19)
- RE: SOX Standard - Where and How to Start ? Dave Lewis (May 19)