Policy Writing (Possibly Off-Topic)

["Cullen, Michael" <michael.cullen () umusic com>]

Hello all,

In the wake of SOx compliance, I'm now in the position of having to generate
or advance some security policy work in areas that I've never investigated
before (O/S Build Standard, Application/System Development, 3rd Party System
Development).  While I understand that this list is more on the operational
side of things, I was hoping that someone (or a few) have had some exposure
to the policies I've listed above and my be able to point me in the correct
(passing an audit) direction.


Many thanks in advance,

Michael Cullen
Sr. Security Engineer
Universal Music Group
(818) 777-4049