Re: Sorbanes Oxley for dummies? -- more questions

At 03:30 AM Saturday, Jared Still wrote:


>A good free one can be found at http://passwordsafe.sourceforge.net/
>

I'll evaluate PasswordSafe and any other such utilities and even suggest
that to my IT Security and see if they want to recommend it to the rest of 
the IT groups.


>Auditors require personal accountability, which requires personal accounts.
>

That would then include Auditing every action by these accounts.


>  Ours identified critical systems, and those are the systems that are 
> audited.

Yes, I would expect that too.  However, somewhere along the line we have
got the impression that implementation of controls has to be the same across
all systems.

>We apply most of our security controls
>unilaterally, but do not test them, or remediate them.
>


Hemant K Chitale
http://web.singnet.com.sg/~hkchital



               
--
http://www.freelists.org/webpage/oracle-l

Other related posts: