Security Basics mailing list archives
Re: SOX compliance and assessment
From: tony <tonytorri () yahoo com>
Date: Tue, 11 Jan 2005 17:55:31 -0800 (PST)
Michael, Publicly traded companies were to be SOX compliant by 11/15/04. Security and control process had to be in place for at least 3 months before that date to validate they were in fact working. If you are just beginning the SOX compliance effort...you are only about 2 years behind. Surely someone in your company is leading this effort. It you are in the IT area..good starting would be to do keywork search on Cobit and SAS70. This will give you a good idea of the IT security that needs to be in place. Tony --- Michael Jordon <mjordon21 () yahoo com> wrote:
Hello, I looking for a starting point to perform a SOX compliance assessment. Can someone assist in identification of the controls objectives for Section 302 and 404. What are the other areas that should be considered to develop such assessment? Many thanks in advance. MJ
=====
Tony T. CISSP, CISA, CDP, CIA
Senior IS Security & Risk Manager
360.906.7893 (Work)
Northern Telecom LLP
__________________________________
Do you Yahoo!?
Yahoo! Mail - Helps protect you from nasty viruses.
http://promotions.yahoo.com/new_mail
Current thread:
- SOX compliance and assessment Michael Jordon (Jan 11)
- Re: SOX compliance and assessment tony (Jan 12)
- Re: SOX compliance and assessment Alexander Bolante (Jan 13)
- Re: SOX compliance and assessment Will Thornsbury (Jan 13)
- <Possible follow-ups>
- RE: SOX compliance and assessment Jason Workman (Jan 13)
- Re: SOX compliance and assessment tony (Jan 12)