Compliance Question 2228
nyfinest219 last edited by
need an answer for this question.
From a compliance security perspective what things aren’t being addressed that should be?
Denis last edited by
Do you have anything in particular on your mind? You are going to struggle to get an answer to the question otherwise.
harrywaldron last edited by
Hi - The use of COBIT 4.0 provides a framework to IT based security and financial system controls that many external SOX auditors use. This is worth looking at.
Free COBIT 4.0 PDF copy by registering with ISACA
SOX 404 is not a rigid set of requirements, however it puts all security and controls for IT financial systems in the best interest of management. There are direct control requirements on financial systems and there are indirect controls on all security requirements (e.g., so that internal fraud and external hackers are hopefully stopped from any attempts to bypass controls).