Compliance Question 2228



  • need an answer for this question.
    From a compliance security perspective what things aren’t being addressed that should be?
    Thank you.



  • Do you have anything in particular on your mind? You are going to struggle to get an answer to the question otherwise.



  • Hi - The use of COBIT 4.0 provides a framework to IT based security and financial system controls that many external SOX auditors use. This is worth looking at.
    Free COBIT 4.0 PDF copy by registering with ISACA
    http://www.sarbanes-oxley-forum.com/modules.php?name=Forums-and-file=viewtopic-and-t=1920
    SOX 404 is not a rigid set of requirements, however it puts all security and controls for IT financial systems in the best interest of management. There are direct control requirements on financial systems and there are indirect controls on all security requirements (e.g., so that internal fraud and external hackers are hopefully stopped from any attempts to bypass controls).


Log in to reply