Software Licensing and Oxley 132



  • Hello,
    I work for a large corporation that uses a lot of licensed software and am part of the software management team.
    I am looking to find some comprehensive literature/guides/information on how [un]sucessfull managing of this licensed software may affect my company in relation to the O. Act, and what all may be involved.
    Any info is appreciated.
    Thanks.



  • This post is deleted!


  • This post is deleted!


  • If I understand correctly: You want some smoking gun quote or article you can give your boss to show that not having the same number of software licenses compared to number of installations will equal non-complaince with SOX?
    Although, both Cobit and COSO have facets of controls that require all software used to be licensed there is nothing specifically in SOX that requires it.
    There are other laws that require it…but not SOX.
    You can make a well reasoned argument, espeically concerning software that is used to faciliate finacial reporting, that being short on licensing can hurt availablity etc etc.
    But I can really give you a smoking gun quote.
    You might look at Cobit DS9 – Manage the configuration also look at the Audit Guidelines for Cobit under DS9. That might give you enough ammo to help your case.
    I think the words they use in the Audit Guideline is that there is: ‘Zero tolerance for unlicensed software.’


Log in to reply