Sarbox worsens security
#106 Now this is an excellent take on the downside of Sarbanes Oxley compliance. As I stated in a previous blog, corporations seem to fear legal risk more than security risks and this article notes that Sarbox could divert all the attention and spending in one direction at the expense of other more prevalent security risks.
The Information Security Forum, an international security association, said Monday that it calculates that many of its members expect to spend more than $10 million each on information security controls to comply with regulations laid down by Sarbanes-Oxley.
The ISF warns that SOX ignores security issues that are extremely important when dealing with risks to information, such as business continuity and disaster recovery. This makes it important to integrate compliance into a wider IT security and corporate governance strategy, it said. Well said!
The Information Security Forum, an international security association, said Monday that it calculates that many of its members expect to spend more than $10 million each on information security controls to comply with regulations laid down by Sarbanes-Oxley.
The ISF warns that SOX ignores security issues that are extremely important when dealing with risks to information, such as business continuity and disaster recovery. This makes it important to integrate compliance into a wider IT security and corporate governance strategy, it said. Well said!
posted by Dwaine at 7/13/2005
0 Comments:
Post a Comment
<< Home