CFO responsibility to fund log analysis for Sarbanes-Oxley compliance
Ron Lepofsky from ERE Information Security had a great article, "CFO responsibility to fund log analysis for Sarbanes-Oxley compliance", in SC Magazine.
Here’s a summary SC Magazine provided:
Corporations responsible for complying with Sarbanes-Oxley face great hurdles with a basic compliance objective: analysis of their (server and security device) event logs. Some do not for lack of awareness, and others because of the difficulty (and cost) of performing the analysis. Further, issuers erroneously place the cost burden of SOX compliance on the IT security department, when the costs should be borne by the CFO's SOX compliance budget.
Just happened upon your blog and really like the content and focus. I have done research on the forensic aspects of logs (i.e. ensuring reliability and admissibility for legal proof purposes). Here’s a link to one of my articles in case you’re interested: http://www.usenix.org/publications/login/2003-12/pdfs/kenneally.pdf