 Welcome to SearchSecurity.com's SOX Security School. In this free, multi-media Security School, guest instructor Richard Mackey shows you exactly what you need to do to meet SOX's ongoing demands and arms you with actionable items to ensure your business remains continuously compliant. This course consists of three lessons -- beginning with a SOX Scorecard and foundational article -- to help you see where your organization stands and help you understand the basics of SOX standards. Lesson 2 consists of one 60-minute webcast and three 15-minute quickcasts, and Lesson 3 offers three articles covering compliance-related technology. All of these resources are available on-demand, so you can learn at your convenience. As a bonus, through our agreement with (ISC)², all CISSP and SSCP webcast attendees are entitled to 1 CPE credit per webcast hour. (Click here for details)
|
SCHOOL HIGHLIGHTS |
|
Send the editor your feedback on this Security School Learn about earning CPE credits Visit our Security School for CISSP training Visit our E-mail Security School Visit our Web Security School
IBM Tivoli white paper: |
| SOX Security School Course Outline |
Lesson 1: Gauging your SOX progress
- SOX Scorecard
This multiple-choice scorecard walks you through a combination of fundamental and more subtle COBIT-related security requirements enabling you to judge where your organization stands in terms of meeting SOX's demands. You'll answer twenty questions -- five related to each of COBIT's four main security aspects: planning and organization, acquisition and implementation, delivery and support, and monitoring.
GO TO THE SCORECARD
- Article: SOX, security standards and building a compliance framework
This article helps you understand the various security standards related to SOX compliance. You learn what these standards call for as well as how they relate to SOX and one another.
READ THE ARTICLE
- Webcast: A security team's to-do list
This 60-minute webcast helps information security teams understand the regulation's evolving expectations and arms them with actionable items to ensure that their businesses remain continuously compliant. Guest speaker Richard Mackey, Principal, SystemExperts, provides a brief recap of SOX's goals, COSO's broad application to business, COBIT and IT governance.
VIEW THIS WEBCAST
- Quickcast 1: How-to guide: SOX, ID management and access control
In 15 minutes, you'll learn the importance of provisioning in SOX compliance, and how to meet specific control objectives from COBIT.
VIEW THIS QUICKCAST
- Quickcast 2: How-to guide: SOX and vulnerability remediation
In this 15-minute webcast session, you'll learn tactics for meeting control objectives associated with vulnerability remediation.
VIEW THIS QUICKCAST
- Quickcast 3: How-to guide: IT governance and SOX compliance
In 15 minutes, learn valuable tactics for getting business and technical organizations to take responsibility for technical compliance, as well as specific steps for defining policies and mechanisms that help the business comply.
VIEW THIS QUICKCAST
Lesson 3: Understanding compliance-related technology
- Article: SOX reality check: Policy tools
Learn how to best use policy templates for SOX compliance and how to apply policies within a business context. This article provides an overview of policy sets and audit tools, and teaches you how to use standards as a guide for developing policies.
READ THIS ARTICLE
- Article: SOX reality check: Provisioning systems
Gain insight into compliance-related products for account lifecycle management, reporting and review, and workflow and approvals.
READ THIS ARTICLE
- Article: SOX reality check: Compliance management products
SOX compliance extends beyond IT and security. This article examines all-in-one compliance tools, and explains what they can and can't do.
READ THIS ARTICLE
Final Exam
After you've completed Lessons 1, 2 and 3, take the Final Exam to assess your knowledge of SOX based on what you've learned in this school.
| About the Instructor |
|
This was first published in February 2006