CFO responsibility to fund log analysis for Sarbanes-Oxley compliance

By on

Corporations responsible for complying with Sarbanes-Oxley, face great hurdles with a basic compliance objective: analysis of their (server and security device) event logs. Some do not for lack of awareness, and others because of the difficulty (and cost) of performing the analysis. Further, issuers erroneously place the cost burden of SOX compliance on the IT security department, when the costs should be borne by the CFO’s SOX compliance budget.

While the Sarbanes-Oxley Act of 2002 identifies financial reporting requirements, it does not define how to comply technically with respect to IT security. Specifically it does not identify the need for event log analysis as fundamental to compliance. However, the IT Governance Institute has ...

Hi! You've reached one of our premium articles. This is available exclusively to subscribers.

It's free to register, and only takes a few minutes.

Once you sign up you'll have unlimited access to the full catalogue of Australia's best business IT content, as well as a daily news bulletin delivered straight to your inbox.

Register now
Copyright © SC Magazine, US edition

Most Read Articles

Log In

|  Forgot your password?