TMCnet News

2022 Sarbanes Oxley Compliance Resource Kit -
[November 24, 2022]

2022 Sarbanes Oxley Compliance Resource Kit -

The "Sarbanes Oxley Compliance Resource Kit" report has been added to's offering.

The SOX kit contains all of the tools that are need to comply with the Sarbanes-Oxley legislation. This tool kit has been used successfully by over 500 publicly traded companies.

ITIL and "Best Practices" are no longer sufficient to conform to the Sarbanes Oxley and COBIT requirements. There are many products on the market that claim they can track changes, that they can control/manage changes or that they can audit the use of products and the changes made to systems.

Almost all of the Change Management products are either "Electronic Paper" (i.e. they cannot prevent unauthorized changes from being made) or they react after the event based on cyclic comparisons of the various data sets. The time betwee the cyclic comparisons is an open door for anyone trying to manipulate the systems, and paper based systems offer no protection at all.

Sarbanes-Oxley Section 404 requires that:

  • Enterprises have an enterprise wide security policy;
  • Enterprises have enterprise wide classification of data for security, risk, and business impact;
  • Enterprises have security related standards and procedures;
  • Enterprises have formal security based documentation, auditing, and testing in place;
  • Enterprise enforce separation of duties; and
  • Enterprises have policies and procedures in place for Change Management, Help Desk, Service Requests, and changes to applications, policies, and procedures.

The Sarbanes Oxley Compliance Resource Kit includes the following components:

  • Security Manual Template
  • Sensitive Information Policy
  • Disaster Recovery Template
  • Safety Manual Template
  • Threat & Vulnerability Assessment Tool
  • Business & IT Impact Questionnaire
  • Practical Guide for IT Outsourcing
  • Chief Security Officer Job Description

The tools provided in these kits address not only the needs of Sarbanes-Oxley, COBIT and ISO -- they also provide a vehicle to comply with the IT Governance requirements.

For more information about this report visit

[ Back To's Homepage ]