Sarbanes-Oxley IT Compliance Using COBIT and Open Source Tools

By Christian Lahti, Roderick Peterson


Product Description

A Toolkit for IT Professionals

Whether you work for a publicly traded or pre-IPO company or as an IT consultant, you are familiar with the daunting task of complying with the Sarbanes-Oxley Act. You have no doubt seen the hour and dollar estimates for compliance go up and up. With this book, you can now regain control of your budget and schedule. This ground-breaking, fully integrated book and bootable "live" CD provide all the information and the Open Source tools for you to use to achieve IT SOX compliance. This book illustrates the many Open Source cost-saving opportunities that public companies can deploy in their IT organizations to meet the mandatory compliance requirements of the Sarbanes-Oxley Act.

  • Streamline IT SOX Compliance Using the Live CD: Use the tools on the bootable Linux CD to automate and manage workflow, disseminate information, track projects, manage groups, and much more.
  • Understand the Liability of Noncompliance: Learn the penalties associated with noncompliance resulting from both intentional and unintentional filing of an inaccurate certification.
  • Deploy COBIT Standards and Best-Known Methods (BKMs) in Your Organization: Master the six components of COBIT: Executive summary, framework, control objective, control practices, management guidelines, and audit guidelines.
  • Create an IT SOX Compliance Policy: Learn to write, implement, and enforce an effective IT compliance policy that will be supported by both users and management.
  • Realize the Benefits of Open Source Tools: Deploy Open Source applications throughout your enterprise to reduce cost and improve security.
  • Plan and Organize Your COBIT Strategy: Develop strategic IT plans that support business objectives and can stand the test of time.
  • Acquire Requisite Applications and Implement Your Plan: Ensure that you have the right people, skills, and tools to implement, test, certify, and maintain both existing and newly developed systems.
  • Deliver and Support New Systems: Ensure that new systems perform as expected upon implementation and that they continue to perform in accordance with established expectations.
  • Monitor the Progress of Your COBIT Deployment: Use service level agreements (SLAs) or established baselines to quantify performance against expectations and proactively troubleshoot problems.


Product Details

  • Amazon Sales Rank: #257690 in Books
  • Published on: 2005-09-01
  • Format: Illustrated
  • Number of items: 1
  • Binding: Paperback
  • 356 pages

Editorial Reviews

From the Back Cover
This book illustrates the many Open Source cost savings opportunities available to companies seeking Sarbanes-Oxley compliance. It also provides examples of the Open Source infrastructure components that can and should be made compliant. In addition, the book clearly documents which Open Source tools you should consider using in the journey towards compliance. Although many books and reference materials have been authored on the financial and business side of SOX compliance, very little material is available that directly addresses the information technology considerations, even less so on how Open Source fits into that discussion.

Each chapter begins with an analysis of the business and technical ramifications of Sarbanes-Oxley as regards the topics covered before moving into the detailed instructions on the use of the various Open Source applications and tools relating to the compliance objectives. The bootable CD contains fully configured demonstrations of Open Source tools.

About the Author
Christian Lahti is a computer services consultant and an expert in security. He is a regular speaker at industry shows such as LinuxWorld and OSCON. He is the technical editor of Windows to Linux Migration Toolkit (Syngress, ISBN: 1931836396).

Roderick Peterson is the Information Technology Director at NeoMagic. He has more than 20 years' experience in the IT industry and has successfully led the development and deployment of major applications at several global companies.


Customer Reviews

Open Source Compliance Using CobiT (4 stars)
This book is a winner. It is clever, and fresh, and offers some really great concepts and ideas for companies needing to, or wanting to (yes there is such a thing), comply with SOX. Also, I really like the open source 'tool kit' that they provide, and being a big fan of CobiT, and Linux, I was a pretty easy sell. Note: I got the CD to run without any problems at all, but perhaps I got a later 'bugless' version.

I guess my only reservations about the book are its target audience. Frankly, I can't see a bunch of deep pocket corporations with millions on the line if they come up short in the SOX compliance department, worrying too much about saving $50K on some (admittedly pretty cool) compliance tools. However, I do think that the ideas presented would certainly apply to the mid-caps and small-caps who are perhaps looking to seriously reduce compliance costs, and also speed up the documentation (read: collaborative documentation) required of SOX.

I would also point out that COSO - the primary framework endorsed by the SEC for (financial) internal controls - and CobiT - the framework primarily endorsed by the book - can live happily ever after. Since this book approaches SOX compliance from the IT perspective, I find this totally logical, consistent, and practical. I only raise it because some would probably wonder where COSO fits into all this.

I would have rated the book 5 stars, but I think it got bogged down a little in the technical, and would leave your typical SOX enthusiast nodding off and reaching for the remote. Being part geek myself - I rather enjoyed the excellent technical dissertations.

The book is clever. The approach is smart, original and timely. It would definitely work for small and mid caps. And those iPod toting, Wikipedia GenXers you have helping out on SOX, would take to it like Frisbees to a frat house.

A waste of money. (1 star)
If you are preparing for the CISA, do not waste your money on this book. Put your money towards the ISACA's study materials. I found several errors as well as disagreements between this book and ISACA's study guide.

Nice Resource on Sarbanes-Oxley Compliance (4 stars)
If you are a company or IT person that is responsible for keeping your company compliant with the Sarbanes-Oxley act of 2002, you owe it to yourself to pick up this book. Chock full of tons of helpful advice and guidelines, this 300+ page text will help get your IT department streamlined and well structured. The Sarbanes-Oxley act was put into place in direct response to the outlandish acts of companies such as Tyco, Enron, MCI and the such where the public will know that their investment money is being used towards non-corrupt practices and this involves not only financial numbers, but also the systems that hold such important data.

Nice book, helpful guide

**** RECOMMENDED