Sarbanes-Oxley IT Compliance Using COBIT and Open Source Tools

  • 4h 26m
  • Christian B. Lahti, Roderick Peterson
  • Elsevier Science and Technology Books, Inc.
  • 2005

Whether you work for a publicly traded or pre-IPO company or as an IT consultant, you are familiar with the daunting task of complying with the Sarbanes-Oxley Act. You have no doubt seen the hour and dollar estimates for compliance go up and up. With this book, you can now regain control of your budget and schedule. This ground-breaking, fully integrated book provides all the information and the Open Source tools for you to use to achieve IT SOX compliance. This book illustrates the many Open Source cost-saving opportunities that public companies can deploy in their IT organizations to meet the mandatory compliance requirements of the Sarbanes-Oxley Act.

  • Understand the Liability of Noncompliance: Learn the penalties associated with noncompliance resulting from both intentional and unintentional filing of an inaccurate certification.
  • Deploy COBIT Standards and Best-Known Methods (BKMs) in Your Organization: Master the six components of COBIT: Executive summary, framework, control objective, control practices, management guidelines, and audit guidelines.
  • Create an IT SOX Compliance Policy: Learn to write, implement, and enforce an effective IT compliance policy that will be supported by both users and management.
  • Realize the Benefits of Open Source Tools: Deploy Open Source applications throughout your enterprise to reduce cost and improve security.
  • Plan and Organize Your COBIT Strategy: Develop strategic IT plans that support business objectives and can stand the test of time.
  • Acquire Requisite Applications and Implement Your Plan: Ensure that you have the right people, skills, and tools to implement, test, certify, and maintain both existing and newly developed systems.
  • Deliver and Support New Systems: Ensure that new systems perform as expected upon implementation and that they continue to perform in accordance with established expectations.
  • Monitor the Progress of Your COBIT Deployment: Use service level agreements (SLAs) or established baselines to quantify performance against expectations and proactively troubleshoot problems.

About the Authors

Christian Lahti is a computer services consultant with more than 15 years’ experience in the IT industry. He is an expert in security, systems, and networking, having developed and implemented global IT infrastructures with a focus on Linux and open source, as well as providing consulting expertise for successful cross-platform integrations and interoperability. He is also skilled in database design and Web development. Christian is a speaker and tutorial presenter at both LinuxWorld and O’Reilly’s OSCON. He was a technical editor and contributing author to Windows to Linux Migration Toolkit (Syngress Publishing).

Roderick Peterson is currently employed at NeoMagic as Information Technology Director. He has more than 20 years’ experience in the IT industry. His diverse background includes knowledge of mainframe operations, LAN, Internet, IT infrastructure, business applications, and the integration of emerging technologies. He has successfully led the development and deployment of major applications at several global companies. He also successfully owned and operated an IT consulting business for more than five years.

In this Book

  • Sarbanes-Oxley IT Compliance Using COBIT and Open Source Tools
  • Overview: The Goals of This Book
  • SOX and COBIT Defined
  • The Cost of Compliance
  • Why Open Source?
  • Domain I—Planning and Organization
  • Domain II: Acquisition and Implementation
  • Domain III: Delivery and Support
  • Domain IV: Monitoring
  • Putting It All Together