Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Management
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Standards Compliance Software or Guidlines?

from [Non Proprio] Network Security [Permanent Link]
Subject: Re: Standards Compliance Software or Guidlines?
Date: Tue, 26 Oct 2004 17:12:34 -0500 (CDT) 
We wrestled with the issue of how to assess Sarbanes Oxley. ISO17799 (for us) 
was just a method to help meet our obligations under SOX and HIPAA.

Some of the best audit guides I'm aware of are online at www.isaca.org, which 
is the home site for CoBiT. I've not tried any of the software packages, since 
what I did was to figure out how the different standards could be used to map a 
cogent overall Infosec policy. Not sure that the end result necessarily 
measured up to that, but I did a fair amount of work analyzing CoBit, ISO17799 
(2000 and 2002).

I know that doesn't hit the answer square on the head, but I'm not sure such a 
comprehensive piece of software exists. 



On Oct 25, 2004 09:51 PM, Andre Derek Protas <randori82@hotmail.com> wrote:


Iâm trying to find some good resources out there for some good compliance
software or guidelines for the following audits:

Sarbanes-Oxley

FFIEC

HIPAA

ISO 17799

 

Anyone have any good suggestions?  Every website Iâve come across from
googling is wanting money, and itâs nearly impossible to just get some good
information on any of them with relation to an IT audit.

 

Thank you in advance,

 

Andre Derek Protas

 


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.778 / Virus Database: 525 - Release Date: 10/15/2004
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Guide for Business Impact Analysis, saikrishna
Next by Date:  RE: Standards Compliance Software or Guidlines?, Beauford, Jason
Previous by Thread:  Standards Compliance Software or Guidlines?, Andre Derek Protas
Next by Thread:  Re: Standards Compliance Software or Guidlines?, Richard . Sullivan
Indexes:  [Date] [Thread] [Top] [All Lists]