CFO responsibility to fund log analysis for Sarbanes-Oxley compliance
Corporations responsible for complying with Sarbanes-Oxley, face great hurdles with a basic compliance objective: analysis of their (server and security device) event logs. Some do not for lack of awareness, and others because of the difficulty (and cost) of performing the analysis. Further, issuers erroneously place the cost burden of SOX compliance on the IT security department, when the costs should be borne by the CFO’s SOX compliance budget.
Dec 15 2004 12:27PM