The Sarbanes-Oxley Act (SOX) was enacted to protect shareholders from fraudulent activities. Likewise, there are controls, including IT controls, that organizations need to implement to be compliant with SOX. Review the elements of SOX using the information located at http://www.soxlaw.com/, and be prepared to discuss.
Wk 4 Discussion 1
SOX: Please respond to the following:
- From the e-Activity, describe the main elements of SOX and identify the controls organizations need to implement to be compliant with SOX.
- From the e-Activity, choose the element of SOX you believe is most difficult or challenging for organizations to implement and explain why. Suggest the controls organizations should implement to mitigate the issue you chose.
The Federal Information Security Management Act (FISMA) provides many standards and guidance for implementing effective security management programs. Review the information located at http://csrc.nist.gov/groups/SMA/fisma/index.html, and be prepared to discuss.
Wk 5 Discussion 1
FISMA and NIST: Please respond to the following:
- From the e-Activity, describe the main elements of FISMA in the management and governance of federal information systems.
- From the e-Activity, examine how FISMA and NIST work together to provide guidance and direction to organizations and agencies.