Overview
A Toolkit for IT Professionals
Whether you work for a publicly traded or pre-IPO company or
as an IT consultant, you are familiar with the daunting task
of complying with the Sarbanes-Oxley Act. You have no doubt
seen the hour and dollar estimates for compliance go up and
up. With this book, you can now regain control of your
budget and schedule. This ground-breaking, fully integrated
book and bootable "live" CD provide all the information and
the Open Source tools for you to use to achieve IT SOX
compliance. This book illustrates the many Open Source
cost-saving opportunities that public companies can deploy
in their IT organizations to meet the mandatory compliance
requirements of the Sarbanes-Oxley Act.
Streamline IT SOX Compliance Using the Live CD:
Use the tools on the bootable Linux CD to automate and
manage workflow, disseminate information, track projects,
manage groups, and much more.
Understand the Liability of Noncompliance:
Learn the penalties associated with noncompliance resulting
from both intentional and unintentional filing of an
inaccurate certification.
Deploy COBIT Standards and Best-Known Methods (BKMs) in Your Organization:
Master the six components of COBIT: Executive summary,
framework, control objective, control practices, management
guidelines, and audit guidelines.
Create an IT SOX Compliance Policy:
Learn to write, implement, and enforce an effective IT
compliance policy that will be supported by both users and
management.
Realize the Benefits of Open Source Tools:
Deploy Open Source applications throughout your enterprise
to reduce cost and improve security.
Plan and Organize Your COBIT Strategy:
Develop strategic IT plans that support business objectives
and can stand the test of time.
Acquire Requisite Applications and Implement Your Plan:
Ensure that you have the right people, skills, and tools to
implement, test, certify, and maintain both existing and
newly developed systems.
Deliver and Support New Systems:
Ensure that new systems perform as expected upon
implementation and that they continue to perform in
accordance with established expectations.
Monitor the Progress of Your COBIT Deployment:
Use service level agreements (SLAs) or established baselines
to quantify performance against expectations and proactively
troubleshoot problems.
Editorial Reviews
Product Description
This book illustrates the many Open Source cost savings opportunities available to companies seeking Sarbanes-Oxley compliance. It also provides examples of the Open Source infrastructure components that can and should be made compliant. In addition, the book clearly documents which Open Source tools you should consider using in the journey towards compliance. Although many books and reference materials have been authored on the financial and business side of SOX compliance, very little material is available that directly addresses the information technology considerations, and even less on how Open Source fits into that discussion.
Each chapter begins with an analysis of the business and technical ramifications of Sarbanes-Oxley with regard to the topics covered before moving into the detailed instructions on the use of the various Open Source applications and tools relating to the compliance objectives.
The bootable CD contains fully configured demonstrations of Open Source tools.
* Shows companies how to use Open Source tools to achieve SOX compliance, which dramatically lowers the cost of using proprietary, commercial applications
* Contains a bootable-Linux CD containing countless applications, forms, and checklists to assist companies in achieving SOX compliance
* Only SOX compliance book specifically detailing steps to achieve SOX compliance for IT Professionals
Reader Reviews From Amazon (Ranked by 'Helpfulness')
Average Customer Rating: based on 16 reviews.

Open Source Compliance Using CobiT, 2007-10-10
This book is a winner. It is clever, and fresh, and offers some really great concepts and ideas for companies needing to, or wanting to (yes there is such a thing), comply with SOX. Also, I really like the open source 'tool kit' that they provide, and being a big fan of CobiT, and Linux, I was a pretty easy sell. Note: I got the CD to run without any problems at all, but perhaps I got a later 'bugless' version.
I guess my only reservations about the book are its target audience. Frankly, I can't see a bunch of deep pocket corporations with millions on the line if they come up short in the SOX compliance department, worrying too much about saving $50K on some (admittedly pretty cool) compliance tools. However, I do think that the ideas presented would certainly apply to the mid-caps and small-caps who are perhaps looking to seriously reduce compliance costs, and also speed up the documentation (read: collaborative documentation) required of SOX.
I would also point out that COSO - the primary framework endorsed by the SEC for (financial) internal controls - and CobiT - the framework primarily endorsed by the book - can live happily ever after. Since this book approaches SOX compliance from the IT perspective, I find this totally logical, consistent, and practical. I only raise it because some would probably wonder where COSO fits into all this.
I would have rated the book 5 stars, but I think it got bogged down a little in the technical, and would leave your typical SOX enthusiast nodding off and reaching for the remote. Being part geek myself - I rather enjoyed the excellent technical dissertations.
The book is clever. The approach is smart, original and timely. It would definitely work for small and mid caps. And those iPod toting, Wikipedia GenXers you have helping out on SOX, would take to it like Frisbees to a frat house.

A waste of money., 2007-01-05
If you are preparing for the CISA, do not waste your money on this book. Put your money towards the ISACA's study materials. I found several errors as well as disagreements between this book and ISACA's study guide.

Nice Resource on Sarbanes-Oxley Compliance, 2006-08-11
If you are a company or IT person that is responsible for keeping your company compliant with the Sarbanes-Oxley act of 2002, you owe it to yourself to pick up this book. Chock full of tons of helpful advice and guidelines, this 300+ page text will help get your IT department streamlined and well structured. The Sarbanes-Oxley act was put into place in direct response to the outlandish acts of companies such as Tyco, Enron, MCI and the such where the public will know that their investment money is being used towards non-corrupt practices and this involves not only financial numbers, but also the systems that hold such important data.
Nice book, helpful guide
**** RECOMMENDED

ARE YOU IN COMPLIANCE??, 2006-07-22
Are you a CFO, CIO, CEO, VP, Director of IT, IT Operations Manager, and/or IT Consultant? If you are, then this book is for you! Authors Christian Lahti, Roderick Peterson, and Steve Lanza have done an outstanding job of writing a practical book that gives you, the reader, an understanding of how open source technology and tools might be applied to your individual requirements.
Lahti, Peterson, and Lanza begin by discussing why the Sarbanes-Oxley (SOX) experience promises to be quite different in terms of depth, cost, and resources. Then, the authors discuss how Congress enacted the Sarbanes-Oxley Act of 2002 in an effort to prevent financial scandals such as those that occurred at Enron and MCI. Next, they explore the need for SOX compliance and the possible consequences of noncompliance--lawsuits, negative publicity for the company, and fines for executive management. The authors then investigate the entire open source phenomenon and the fundamental differences between it and nonfree software. They continue by covering the difference between SOX and COBIT. Then, the authors discuss automation and why it should be a key component of any small to medium-sized company's SOX compliance activities. Next, they cover the COBIT Delivery and Support Domain and why it is important, not only to SOX compliance activities, but also from an IT Department repositioning perspective. The authors then discuss Deming's continuous quality improvement process, specifically how it was predicated on a closed-loop process. Finally, they show you how to reposition an IT Department, by utilizing COBIT for SOX.
In this most excellent book, you will find a lot of applicable content--basically as much as the authors could muster by way of open source technologies and how they fit into the SOX sphere of influence. More importantly, this book illustrates the many Open Source cost-saving opportunities that public companies can deploy in their IT organizations to meet the mandatory compliance requirements of SOX.

Great resource, very helpful in ensuring complying with SOX, 2006-04-20
Compliance with the Sarbanes-Oxley Act is a legal requirement for publicly traded companies. The problem with the Act is that it requires things like adequate internal control structure and a report on the effectiveness of the internal control structure and procedures while not providing any guidance or any specific mention of information technology implications. Luckily there are several other more specific standards to follow, with the most common among auditors being COBIT (Control Objectives for Information and Related Technology).
This book concentrates on using various open source tools (included on a CD with the book) to audit and document your system for compliance with COBIT. The authors take the reader through a detailed walk through the COBIT components and explain each one as well as how to implement it successfully. If it is followed the result is a sustainable system that is well documented, has set policies to prevent problems, has solid controls, and establishes responsibilities for change and improvements. Sarbanes-Oxley IT Compliance Using COBIT and Open Source Tools is highly recommended for anyone preparing to undergo a Sarbanes-Oxley audit but is also highly recommended to others because it is so useful for documenting your system and setting responsibility for changes to it.

Some information above was provided using data from Amazon.com.