Full Disclosure mailing list archives
RE: Re: SOX whistleblowers' clause Compliance
From: "wilder_jeff Wilder" <wilder_jeff () msn com>
Date: Thu, 01 Dec 2005 09:11:35 -0700
Can some please send me the actual regulation that states or validates the comments of http://www.nonprofitrisk.org/nwsltr/archive/employprac091005-p.htm ?
I am in this very situation right now. -Jeff Wilder CISSP,CCE,C/EH -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GIT/CM/CS/O d- s:+ a C+++ UH++ P L++ E- w-- N+++ o-- K- w O- M-- V-- PS+ PE- Y++ PGP++ t+ 5- X-- R* tv b++ DI++ D++ G e* h--- r- y+++* ------END GEEK CODE BLOCK------
From: "Aditya Deshmukh" <aditya.deshmukh () online gateway strangled net> Reply-To: adityad2005 () users sourceforge net To: "'InfoSecBOFH'" <infosecbofh () gmail com> CC: full-disclosure () lists grok org uk Subject: RE: [Full-disclosure] Re: SOX whistleblowers' clause Compliance Date: Thu, 1 Dec 2005 11:36:10 +0530 MIME-Version: 1.0Received: from lists.grok.org.uk ([195.184.125.51]) by bay0-mc7-f4.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.211); Wed, 30 Nov 2005 22:20:01 -0800 Received: from lists.grok.org.uk (localhost [127.0.0.1])by lists.grok.org.uk (Postfix) with ESMTP id D0597A1C;Thu, 1 Dec 2005 06:19:51 +0000 (GMT) Received: from Online.GateWay.TechnoPagans.COM (unknown [220.224.19.31])by lists.grok.org.uk (Postfix) with ESMTP id CA6009C8for <full-disclosure () lists grok org uk>;Thu, 1 Dec 2005 06:19:04 +0000 (GMT) Received: from c5 (localhost [127.0.0.1])by Online.GateWay.Strangled.NET with ESMTP (Mailtraq/2.7.1.1894) idONLN2AF3A0C3; Thu, 01 Dec 2005 11:36:12 +0530X-Message-Info: JGTYoYF78jGGLGElHpjcGS/5PgtYfJvSs6ruuz19gQA= X-Original-To: full-disclosure () lists grok org uk Delivered-To: full-disclosure () lists grok org uk Organization: Enterprise Security Solutions X-Mailer: Microsoft Office Outlook 11 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Thread-Index: AcX1/vYkXiB6TIi0ToWrzUWPg4XoCgAPLSow X-Hops: 1 X-BeenThere: full-disclosure () lists grok org uk X-Mailman-Version: 2.1.5 Precedence: listList-Id: An unmoderated mailing list for the discussion of security issues<full-disclosure.lists.grok.org.uk> List-Unsubscribe: <https://lists.grok.org.uk/mailman/listinfo/full-disclosure>, <mailto:full-disclosure-request () lists grok org uk?subject=unsubscribe>List-Archive: <http://lists.grok.org.uk/pipermail/full-disclosure> List-Post: <mailto:full-disclosure () lists grok org uk> List-Help: <mailto:full-disclosure-request () lists grok org uk?subject=help>List-Subscribe: <https://lists.grok.org.uk/mailman/listinfo/full-disclosure>, <mailto:full-disclosure-request () lists grok org uk?subject=subscribe>Errors-To: full-disclosure-bounces () lists grok org uk Return-Path: full-disclosure-bounces () lists grok org ukX-OriginalArrivalTime: 01 Dec 2005 06:20:03.0962 (UTC) FILETIME=[445375A0:01C5F63F]> Seeing how my question was ignored. I will tell you the answer. > > There is no requirement in SOX to do this. Why cant you use google to find out this ? ------------------------------------------------------------------- http://www.nonprofitrisk.org/nwsltr/archive/employprac091005-p.htm *In the para 4* "Protecting whistleblowers is an essential component of an ethical and open work environment." *In para 6* <----- this is the one that you want "Provide Employees Multiple Avenues to Report Concerns" While employees will hopefully feel comfortable raising concerns directly with their supervisors, many employees are reluctant to raise concerns with line management for fear of retaliation, especially where their concerns pertain to unethical or illegal conduct by their line managers. Therefore, nonprofits should provide several options for employees to raise concerns, including the option of raising a concern anonymously. ------------------------------------------------------------------- If you read the last line in para 6 you will find that anon mailbox is a requirement for SOX compliance. And mailbox was ment for email Michael :) But I think that "with a post and some concrete" mailbox will be Indeed be far more secure..... ________________________________________________________________________ Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- RE: Re: SOX whistleblowers' clause Compliance Madison, Marc (Dec 01)
- RE: Re: SOX whistleblowers' clause Compliance Aditya Deshmukh (Dec 01)
- SOX whistleblower requirements challenged in court? (Was SOX whistleblowers' clause Compliance) Jesse W. Asher (Dec 02)
- <Possible follow-ups>
- RE: Re: SOX whistleblowers' clause Compliance wilder_jeff Wilder (Dec 01)
- RE: Re: SOX whistleblowers' clause Compliance Madison, Marc (Dec 01)
- RE: Re: SOX whistleblowers' clause Compliance Aditya Deshmukh (Dec 01)
- Re: Re: SOX whistleblowers' clause Compliance InfoSecBOFH (Dec 02)
- Re: Re: SOX whistleblowers' clause Compliance R S (Dec 02)
- RE: Re: SOX whistleblowers' clause Compliance Aditya Deshmukh (Dec 01)