Re: Sorbanes Oxley for dummies? -- more questions

  • From: Hemant K Chitale <hkchital@xxxxxxxxxxxxxx>
  • To: jkstill@xxxxxxxxx, oracle-l@xxxxxxxxxxxxx
  • Date: Sat, 15 Jan 2005 16:39:28 +0800

At 03:30 AM Saturday, Jared Still wrote:

>A good free one can be found at

I'll evaluate PasswordSafe and any other such utilities and even suggest
that to my IT Security and see if they want to recommend it to the rest of 
the IT groups.

>Auditors require personal accountability, which requires personal accounts.

That would then include Auditing every action by these accounts.

>  Ours identified critical systems, and those are the systems that are 
> audited.

Yes, I would expect that too.  However, somewhere along the line we have
got the impression that implementation of controls has to be the same across
all systems.

>We apply most of our security controls
>unilaterally, but do not test them, or remediate them.

Hemant K Chitale


Other related posts: