This book illustrates the many Open Source cost savings opportunities available to companies seeking Sarbanes-Oxley compliance. It also provides examples of the Open Source infrastructure components that can and should be made compliant. In addition, the book clearly documents which Open Source tools you should consider using in the journey towards compliance. Although many books and reference material have been authored on the financial and business side of Sox compliance, very little material is available that directly address the information technology considerations, even less so on how Open Source fits into that discussion.Each chapter begins with an analysis of the business and technical ramifications of Sarbanes-Oxley as regards to topics covered before moving into the detailed instructions on the use of the various Open Source applications and tools relating to the compliance objectives. - Shows companies how to use Open Source tools to achieve SOX compliance, which dramatically lowers the cost of using proprietary, commercial applications - Only SOX compliance book specifically detailing steps to achieve SOX compliance for IT Professionals

The Sarbanes-Oxley Act (officially titled the Public Company Accounting Reform and Investor Protection Act of 2002), signed into law on 30 July 2002 by President Bush, is considered the most significant change to federal securities laws in the United States since the New Deal. It came in the wake of a series of corporate financial scandals, including those affecting Enron, Arthur Andersen, and WorldCom. The law is named after Senator Paul Sarbanes and Representative Michael G. Oxley. It was approved by the House by a vote of 423-3 and by the Senate 99-0. This book illustrates the many Open Source cost-saving opportunities that public companies can explore in their IT enterprise to meet mandatory compliance requirements of the Sarbanes-Oxley act. This book will also demonstrate by example and technical reference both the infrastructure components for Open Source that can be made compliant, and the Open Source tools that can aid in the journey of compliance. Although many books and reference material have been authored on the financial and business side of Sox compliance, very little material is available that directly address the information technology considerations, even less so on how Open Source fits into that discussion. The format of the book will begin each chapter with the IT business and executive considerations of Open Source and SOX compliance. The remaining chapter verbiage will include specific examinations of Open Source applications and tools which relate to the given subject matter. * Only book that shows companies how to use Open Source tools to achieve SOX compliance, which dramatically lowers the cost of using proprietary, commercial applications. * Only SOX compliance book specifically detailing steps to achieve SOX compliance for IT Professionals.

Whether you’re a CEO or a file clerk, it’s important to understand Sarbanes-Oxley, the post-Enron legislation aimed at keeping corporations honest and ethical. However, with over eighty pages of dense, wordy language in the statute and thousands of pages of related congressional hearings, getting a firm grip of SOX can fluster even the most well-informed businessperson. Sarbanes-Oxley For Dummies is the no-nonsense, plain-English guide to this new law that leads you through its rules and pronouncements, giving you a sense of how to anticipate future trends and traps in this area of the law. With this trusty book, you’ll get a handle on the important aspects of the legislation, how it affects you and your company, and how companies can comply more cost-effectively. It provides you with the knowledge to: Understand why SOX was created Determine what aspects of SOX apply to your company Develop meaningful standards for your company Institute cost-effective compliance with SOX Manage and streamline Section 404 compliance Find specific SEC laws and pronouncements Interpret media accounts, court cases, and economic projections Avoid lawsuits and regulatory actions Anticipate future SEC rules and PCAOB pronouncements This book also shows you how to build an effective audit committee and makes suggestions on sensible precautions that every manager should take in order to avoid legal troubles. Complete with the entire Sarbanes-Oxley act and sample documents, Sarbanes-Oxley For Dummies helps you discover how to follow the law and protect your business.

Recent studies have indicated that the average corporation loses 1-6% per year of their revenue to fraud. The author has put together a book which covers every necessary aspect of protecting a privately-held company, or a publicly-held company, from the risks of fraud. Corporate Governance principles, an analysis of the Enron trial, and practical case studies abound in this volume. Whether you are a Private Investigator needing a Guide to Forensics, or a business owner looking to protect your financial interests in a growing entrepreneurial company, this book is a must-read. As most of us have found out, there are two ways to learn: experience or having a great mentor. The latter is much more cost-effective. This book is just that - a great lesson in all aspects of protecting your company. It is nothing less than a treasure trove of information, advice and exposition regarding just about every area of corporate investigations. If you have concerns about privacy, asset protection and anti-fraud measures, this book is for you!

"This practical guidance was created for enterprises using or considering using cloud computing. It provides a governance and control framework based on COBIT 5 and an audit program using COBIT 5 for Assurance. This information can assist enterprises in assessing the potential value of cloud investments to determine whether the risk is within the acceptable level. In addition, it provides a list of publications and resources that can help determine if cloud computing is the appropriate solution for the data and processes being considered."--

Develop and implement an effective end-to-end security program Today’s complex world of mobile platforms, cloud computing, and ubiquitous data access puts new security demands on every IT professional. Information Security: The Complete Reference, Second Edition (previously titled Network Security: The Complete Reference) is the only comprehensive book that offers vendor-neutral details on all aspects of information protection, with an eye toward the evolving threat landscape. Thoroughly revised and expanded to cover all aspects of modern information security—from concepts to details—this edition provides a one-stop reference equally applicable to the beginner and the seasoned professional. Find out how to build a holistic security program based on proven methodology, risk analysis, compliance, and business needs. You’ll learn how to successfully protect data, networks, computers, and applications. In-depth chapters cover data protection, encryption, information rights management, network security, intrusion detection and prevention, Unix and Windows security, virtual and cloud security, secure application development, disaster recovery, forensics, and real-world attacks and countermeasures. Included is an extensive security glossary, as well as standards-based references. This is a great resource for professionals and students alike. Understand security concepts and building blocks Identify vulnerabilities and mitigate risk Optimize authentication and authorization Use IRM and encryption to protect unstructured data Defend storage devices, databases, and software Protect network routers, switches, and firewalls Secure VPN, wireless, VoIP, and PBX infrastructure Design intrusion detection and prevention systems Develop secure Windows, Java, and mobile applications Perform incident response and forensic analysis

For the undergraduate/graduate introductory information systems course required of all business students. Information Systems Today, 3e, speaks directly to WHY IS MATTERS today by focusing on what every business student needs to know about IS including its leading role in the globalization of business.