|
  |
|
|
Maintaining Sarbanes-Oxley Compliance
When Sarbanes-Oxley was introduced back in 2002 everyone scrambled to get their business and IT infrastructure compliant. Today, the trouble isn’t with getting your policy model compliant, it is with maintaining that compliance that you initially set up. IT is a field that is constantly changing and thus your IT policy and structure in your business will change and expand constantly. Putting the documentation and set of controls in place to ensure improvement is the first step to ensuring that your compliance efforts are not too rigid. In order for businesses to stay competitive, they must have the ability to be flexible. If your set of controls is too rigid, then you will hinder your company’s flexibility. Having a set of documents that states processes and controls will make it easier to maintain and follow order when introducing new policies and models for your IT infrastructure. One way to ensure compliance is to monitor legislation and stay on top of new regulations that are set in place so that you can make adjustments to your internal policy. Document these new regulations and then make adjustments accordingly. Organized documentation is one of the more difficult but crucial keys to maintaining compliance. Change control policies must also be set into place and documented. Having a change control structure in place will ensure a sort of checks and balances in your business and IT department. Having change control policies documented will also ensure that you will have the right documents to show in the event you are audited. Risk management is something that many IT managers deal with on a day to day basis. Taking into account risk levels with new regulations and new technology will help you decide the best course of action. As always, the documentation of this will help you get a better grasp of the scope of the project or policy. Sometimes maintaining compliance is more about policy management and documentation that it is about actual network security. But both of them go hand in hand. The technical geek inside of us all wants to just focus strictly on the actual security technology that underlies every compliance regulation. But the truth is that documentation and change control processes is what drives it all. Without the policies in place to maintain compliance, security goes out the door. |
Maintaining Sarbanes-Oxley Compliance
PLEASE VISIT THE CONTRIBUTOR'S WEBSITE
No reactions yet.
Please login or sign up to rate this intel.
Please login or sign up to add a comment.
The copyright for this content entitled "Maintaining Sarbanes-Oxley Compliance" has been specified by the contributor as:
All Rights Reserved
This content may not be copied, distributed or adapted by anyone under any circumstances.
|
 |
|
This intel was contributed by clonmac
|
May, 2012
2008
January, February, March, April, May, June, July, August, September, October, November, December
2009
January, February, March, April, May, June, July, August, September, October, November, December
2010
January, February, March, April, May, June, July, August, September, October, November, December
2011
January, February, March, April, May, June, July, August, September, October, November, December
2012
January, February, March, April, May
|
|
Not a member yet?
Qondio is a powerful network for making it online. If you have a website to
promote, we can help.
Sign up and get in on the action.
|
|
Welcome to Qondio! Discover the awesome power this network can deliver by going to our About page. Or you could skip straight to the Sign Up form.
|
|
