As security is such a major theme on the Act, many organizations are using the international ISO standards. The ISO 27001 Portal outlines these. A copy of the standards, and security policies, can be obtained via the ISO 17799 Toolkit.
Our server logs indicate some interesting mis-spellings: Sarbannes Oxley, Sorbane Oxley, Sarbanne Oxley, Sarbaines Oxley, Sarbanesoxley, Sorbanes Oxley, Sabanes Oxley, Sarbane Oxley, and Sarbanes Oaxley, to name but a few!
Joined: Nov 25, 2004 Posts: 787 Location: London, UK
Posted: Mon Oct 12, 2009 4:26 am Post subject:
No SOX sets no requirements on anything this specific. _________________ "The art of life is to deal with problems as they arise, rather than destroy one's spirit by worrying about them too far in advance" - Cicero
Joined: Jan 12, 2006 Posts: 849 Location: Roanoke, Virginia
Posted: Thu Oct 15, 2009 3:32 pm Post subject:
Agree with Denis - as being outside scope of SOX 404 ... Still, as this technology advances it's something to keep an eye on. As SOX is a self regulatory risk assessment exercise for minimum standards, you can certainly always go the 2nd mile in ensuring policies and procedures are in place (ensuring that financial info is protected in these environment as well) ... It's outside the scope of SOX but well worth doing
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
Trademarks referenced on the SOX Act Forum are property of their respective owners. Comments are property of their respective posters. Sarbanes-Oxley Act Implementation Portal: Sarbanes Oxley compliance, information, software, & internal audit committee resources. Sarbox. Site source is copyright nuke (c)2003, and is Free Software under the GNU / GPL licence agreement. All Rights Are Reserved.