Sarbanes-Oxley Policy Samples:: Difference between revisions

From HORSE - Holistic Operational Readiness Security Evaluation.
Jump to navigation Jump to search
No edit summary
 
No edit summary
 
Line 3: Line 3:
<br>
<br>
'''SOX Policy Sample Library'''<br>
'''SOX Policy Sample Library'''<br>
This section provides the minimum set of Policy Framework templates (for example, Program Charter, policies, and standards) that are needed to create, implement, and maintain an Information Security Program that complies with GLBA. Additional best practices policies and standards are provided for financial organizations that wish to exceed GLBA requirements and establish a more comprehensive Policy Framework.<br>
This section provides sample Information Security Policy templates (for example, Program Charter, policies, and standards) that are needed to create, implement, and maintain an Information Security Program that complies with SOX Section 404.<br>
<br>
<br>
:[[SOX Policy References:|'''SOX Policy References''']]<br>
:[[SOX Policy References:|'''SOX Policy References''']]<br>
Line 11: Line 11:
:Standards provide more measurable criteria and specific requirements for satisfying the high-level objectives defined in the policies. This section provides non-technical standards and technical standards.<br>
:Standards provide more measurable criteria and specific requirements for satisfying the high-level objectives defined in the policies. This section provides non-technical standards and technical standards.<br>
<br>
<br>
--[[User:Mdpeters|Mdpeters]] 09:02, 14 July 2006 (EDT)
--[[User:Mdpeters|Mdpeters]] 09:03, 14 July 2006 (EDT)

Latest revision as of 13:03, 14 July 2006

SOX

Section 404 of the Sarbanes-Oxley Act (SOX) requires companies to document their financial and Information Technology (IT) controls and attest to the effectiveness of the controls on an annual basis. This section provides access to Information Security Policy Framework templates (for example, policies and standards) that are needed to create, implement, and maintain a risk management-based Information Security Program that complies with SOX Section 404.

SOX Policy Sample Library
This section provides sample Information Security Policy templates (for example, Program Charter, policies, and standards) that are needed to create, implement, and maintain an Information Security Program that complies with SOX Section 404.

SOX Policy References
Policies are the broad rules for ensuring the protection of information assets, and for implementing a security strategy or program. Generally brief in length, policies are independent of particular technologies and specific solutions. This section provides sample security policies that an organization can clone and tailor to its unique requirements.


SOX Standard References
Standards provide more measurable criteria and specific requirements for satisfying the high-level objectives defined in the policies. This section provides non-technical standards and technical standards.


--Mdpeters 09:03, 14 July 2006 (EDT)

Retrieved from "http://horseproject.wiki/index.php?title=Sarbanes-Oxley_Policy_Samples:&oldid=2327"