Overview
The Sarbanes-Oxley Act (officially titled the Public Company Accounting Reform and Investor Protection Act of 2002), signed into law on 30 July 2002 by President Bush, is considered the most significant change to federal securities laws in the United States since the New Deal. It came in the wake of a series of corporate financial scandals, including those affecting Enron, Arthur Andersen, and WorldCom. The law is named after Senator Paul Sarbanes and Representative Michael G. Oxley. It was approved by the House by a vote of 423-3 and by the Senate 99-0.This book illustrates the many Open Source cost-saving opportunities that public companies can explore in their IT enterprise to meet mandatory compliance requirements of the Sarbanes-Oxley act. This book will also demonstrate by example and technical reference both the infrastructure components for Open Source that can be made compliant, and the Open Source tools that can aid in the journey of compliance. Although many books and reference material have been authored on the financial and business side of Sox compliance, very little material is available that directly address the information technology considerations, even less so on how Open Source fits into that discussion.
The format of the book will begin each chapter with the IT business and executive considerations of Open Source and SOX compliance. The remaining chapter verbiage will include specific examinations of Open Source applications and tools which relate to the given subject matter, and last a bootable ?live? CD will have fully configured running demonstrations of Open Source tools as a valuable technical reference for implementation of the concepts provided in the book
* Only book that shows companies how to use Open Source tools to achieve SOX compliance, which dramatically lowers the cost of using proprietary, commercial applications.
* Only SOX book with a bootable-Linux CD containing countless applications, forms, and checklists to assist companies in achieving SOX compliance.
* Only SOX compliance book specifically detailing steps to achieve SOX compliance for IT Professionals.
Synopsis
The Sarbanes-Oxley Act affects everyone in the finance or IT departments of publicly traded or pre-IPO companies who must spend much time and money figuring out how to comply. This book/CD-ROM package is not intended as a how-to manual for passing audits, but it does integrate information about the Act so that technical folks have an idea of the big picture. Coverage includes how to interface with auditors and deploy COBITstandards to streamline and control compliance systems. Coverage includes reasons to use open source tools and how to plan and organize a strategy, acquire requisite applications and implement the plan, and deliver, support, and monitor progress. The included "live" CD contains a self-contained version of Linux and the open-source software discussed in the text. Distributed in the US by O'Reilly. Annotation © 2006 Book News, Inc., Portland, OR
Editorials
From Barnes & Noble
IT-related Sarbanes-Oxley (and other) compliance initiatives will never be easy or cheap. But the COBIT guidelines and best practices can make it far easier to cover all the bases. And using open source software can help you mitigate the costs of compliance. This book can help with both.The authors walk through the compliance process using a fictional case study and some very real open source software (including eGroupware, Zabbix monitoring, Knowledge Tree document management, Fedora Directory, and Webmin. This software -- along with the enterprise-class CentOS Linux distribution -- is all provided on disk, as the "ITSox2 Toolkit."
You'll find guidance on defining and managing policies; setting and enforcing service levels; ensuring security; implementing clear workflows; identifying and remediating compliance gaps; and much more. Along the way, the authors share diverse stakeholder perspectives, offering valuable insight for achieving compliance from both business and technical viewpoints. Bill Camarda, from the February 2008 Read Only