Learning Guide: SOX compliance for the security practitioner

Internal controls and section 404

Return to Table of Contents

• Article: SEC: 404 budgets filled with waste
• Article: Regulatory compliance in the real world
• Tip: SOX 404 compliance: Efficiency is key
• Tip: Keeping SOX 404 under control(s)
• Expert advice: Does SOX (under Section 404) mandate that we archive e-mail?
• Expert Advice: Defining "internal controls" under Sarbanes-Oxley

Steps for compliance

Return to Table of Contents

• Article: Sarbanes-Oxley Act: Steps toward coming into compliance
• Tip: Five steps for SOX compliance
• Tip: Getting compliance right
• Tip: Getting your regulatory priorities in order
• Tip: Complying with multiple regulations and contending with conflicts
• Tip: Does your organization need a CCO?
• Tip: Best practices for managing compliance with security standards
• Book Chapter: Ensure that legal responsibilities are clear -- Especially when trouble strikes
• Conference Presentation: The 5 pillars of successful compliance
• Conference Presentation: Standards-based compliance: A how-to guide

Audit preparation

Return to Table of Contents

• Article: Reporter's Notebook: Why failing an audit can lead to success
• Article: Active Directory getting critical look from regulators
• Article: Cheat sheet: 10 ways to prep for auditors
• Article: Risk management for dummies
• Article: Report: IT shops lax about logging
• Tip: The future role of the CISO: Keeping auditors at bay
• Tip: Best practices for choosing an outside IT auditor
• Tip: Best practices for managing compliance with security standards
• Tip: Passing a SOX audit: Lessons learned from an information security professional
• Conference Presentation: Define security's role in the regulatory process
• Conference Presentation: Standards-based compliance: A how-to guide

SOX compliance product guide

Return to Table of Contents

• Tip: SOX-in-a-box: One size does not fit all when it comes to compliance
• Advice: Log analyzer software
• Review: Elemental Compliance System 1.1 innovative, solid
• Review: Polivec Compliance Management System 3.7
• Conference Presentation: Separating fact from fiction: Security technologies for regulatory compliance

The bottom line: Violations and repercussions

Return to Table of Contents

• Article: 'Typical' SOX violations
• Tip: Will the 'regulatory police' be knocking on your door?
• Tip: A closer look at Sarbanes-Oxley violations
• Advice: Examples of Sarbanes-Oxley violations

More security learning resources

Return to Table of Contents

	SECURITY SCHOOL		LEARNING GUIDES		CHECKLISTS		GLOSSARY		ASK THE EXPERTS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Compliance strategies and best practices Enterprise risk management solutions for CIOs Addressing compliance requirements in cloud computing contracts Avoiding gotchas of security tools and global data privacy laws Information security and IT governance guides for CIOs CIO turns to identity and access management to solve business problem Log management tool, SIM boxes combine to form security architecture Economic downturn hits IT budgets Tips on how to dodge the scariest of IT worst-case scenarios Health care CIO tackles complex security, privacy mandates PCI DSS compliance requirement looms but lacks punch, critics charge Enterprise data security and privacy Healthcare IT standards still not clear Avoiding gotchas of security tools and global data privacy laws CIO turns to identity and access management to solve business problem Data protection quiz for enterprise CIOs Seven tips to improving enterprise data protection Employee layoffs pose security risk if systems access not disabled Health care CIO tackles complex security, privacy mandates PCI compliance a good start, but not enough IT risk moves higher on security radar, report finds Top 10 reasons to give thanks you're in IT Enterprise information security management Enterprise risk management solutions for CIOs Gartner: Future IT security jobs to focus on risk management strategy Avoiding gotchas of security tools and global data privacy laws Security standards to help manage compliance for those federal funds Information security and IT governance guides for CIOs CIO turns to identity and access management to solve business problem Log management tool, SIM boxes combine to form security architecture Mobile data protection options for enterprise CIOs For network access control, this shop chose Microsoft NAP; here's why Network access control case studies show varied options

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary GRC (governance, risk management and compliance) software  (SearchCIO.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary