Sarbanes-Oxley IT Compliance Using Open Source Tools

Sarbanes-Oxley IT Compliance Using Open Source Tools

by Christian B Lahti, Roderick Peterson
     
 

View All Available Formats & Editions

The Sarbanes-Oxley Act (officially titled the Public Company Accounting Reform and Investor Protection Act of 2002), signed into law on 30 July 2002 by President Bush, is considered the most significant change to federal securities laws in the United States since the New Deal. It came in the wake of a series of corporate financial scandals, including those

Overview

The Sarbanes-Oxley Act (officially titled the Public Company Accounting Reform and Investor Protection Act of 2002), signed into law on 30 July 2002 by President Bush, is considered the most significant change to federal securities laws in the United States since the New Deal. It came in the wake of a series of corporate financial scandals, including those affecting Enron, Arthur Andersen, and WorldCom. The law is named after Senator Paul Sarbanes and Representative Michael G. Oxley. It was approved by the House by a vote of 423-3 and by the Senate 99-0. This book illustrates the many Open Source cost-saving opportunities that public companies can explore in their IT enterprise to meet mandatory compliance requirements of the Sarbanes-Oxley act. This book will also demonstrate by example and technical reference both the infrastructure components for Open Source that can be made compliant, and the Open Source tools that can aid in the journey of compliance. Although many books and reference material have been authored on the financial and business side of Sox compliance, very little material is available that directly address the information technology considerations, even less so on how Open Source fits into that discussion. The format of the book will begin each chapter with the IT business and executive considerations of Open Source and SOX compliance. The remaining chapter verbiage will include specific examinations of Open Source applications and tools which relate to the given subject matter.

All disc-based content for this title is now available on the Web.



* Only book that shows companies how to use Open Source tools to achieve SOX compliance, which dramatically lowers the cost of using proprietary, commercial applications. * Only SOX compliance book specifically detailing steps to achieve SOX compliance for IT Professionals.

Editorial Reviews

IT-related Sarbanes-Oxley (and other) compliance initiatives will never be easy or cheap. But the COBIT guidelines and best practices can make it far easier to cover all the bases. And using open source software can help you mitigate the costs of compliance. This book can help with both.

The authors walk through the compliance process using a fictional case study and some very real open source software (including eGroupware, Zabbix monitoring, Knowledge Tree document management, Fedora Directory, and Webmin. This software -- along with the enterprise-class CentOS Linux distribution -- is all provided on disk, as the "ITSox2 Toolkit."

You'll find guidance on defining and managing policies; setting and enforcing service levels; ensuring security; implementing clear workflows; identifying and remediating compliance gaps; and much more. Along the way, the authors share diverse stakeholder perspectives, offering valuable insight for achieving compliance from both business and technical viewpoints. Bill Camarda, from the February 2008 Read Only

Product Details

ISBN-13:
9780080557274
Publisher:
Elsevier Science
Publication date:
12/19/2007
Series:
Sarbanes-Oxley Compliance Using COBIT and Open Source Tools Series
Sold by:
Barnes & Noble
Format:
NOOK Book
Pages:
466
File size:
13 MB
Note:
This product may take a few minutes to download.

Meet the Author

Christian Lahti is a computer services consultant and an expert in security. He is a regular speaker at industry shows such as LinuxWorld and OSCON. He is the technical editor of Windows to Linux Migration Toolkit (Syngress, ISBN: 1931836396).
Roderick Peterson is the Information Technology Director at NeoMagic. He has more than 20 yeras' experience in the IT industry and has successfully led the development and deployment of major applications at several global companies.

Customer Reviews

Average Review:

Write a Review

and post it to your social network

     

Most Helpful Customer Reviews

See all customer reviews >