Campbellsville University SOX ISO NIST Frameworks Discussion


Computer Science

Campbellsville University

Description

Question 1 :

Please write a discussion essay of 500 words or more on the topic of SOX. Discuss the role that logging and separation of duties play in SOX compliance. Discuss the utilization of database audit and monitoring in SOX compliance. Discuss the automation used by DBAs to comply with the SOX framework. Please use your own words and cite sources accordingly.

Question 2 :

Please write a discussion essay of 500 words or more on how database auditing and monitoring fit within a SOX compliance framework. Please use your own words and cite sources accordingly. Use the five-paragraph format. Each paragraph must have at least five sentences. Include 3 quotes from 3 different articles, with quotation marks, cited in-line and in a list of clickable references. Include an interesting, meaningful title.

Question 3 :

Please write a discussion essay of 500 words or more on the comparison/contrast between ISO and NIST database security frameworks. Please use your own words and cite sources accordingly. Use the five-paragraph format. Each paragraph must have at least five sentences. Include 3 quotes from 3 different articles, with quotation marks, cited in-line and in a list of clickable references.


Explanation & Answer

Attached.

SOX, ISO and NIST frameworks outline

Question 1
Discuss the role that logging and separation of duties play in SOX compliance. Discuss the utilization of database audit and monitoring in SOX compliance. Discuss the automation used by DBAs to comply with the SOX framework.

SOX (the Sarbanes-Oxley Act) describes requirements related to the integrity of source data linked to financial transactions and disclosures. It requires the implementation of technical controls.

Companies need to have security for IT logging as well as network backups to ensure that they comply with SOX regulations.

IT administrators and managers should implement different types of controls that comply with SOX. These controls include ensuring that all users have passwords with expiry dates.

Question 2
How database auditing and monitoring fit within a SOX compliance framework.

Network compliance has become mandatory in recent times. One primary reason is that the growing number of cyber security incidents has led to the establishment of several frameworks and federal regulations.

The Sarbanes-Oxley Act is designed to combat crimes related to finance.

Performing self-audits has become an integral part of preparing for SOX audit compliance.

The major sections of the act indirectly force scrutiny of information security for SOX control compliance. For instance, Section 302 states that the CFO and CEO must report on and assess the effectiveness of internal controls around financial reports.

Question 3
Comparison/contrast between ISO versus NIST database security frameworks.

ISO and NIST both involve the establishment of security controls, but their scopes vary in the way they approach information security. ISO is a standard that focuses on keeping stakeholder and customer information, maintaining integrity by preventing unauthorized modification, and being available to systems and authorized persons.

ISO outlines Information Security Management (ISMS) requirements and gives organizations guidance on how to implement and establish an ISMS.

NIST has a cybersecurity framework, which is a voluntary framework available to organizations overseeing critical infrastructure. Its goals are the same as ISO's, with an emphasis on identifying, managing and evaluating acceptable risks to information systems.

Companies may see a lot of overlap between ISO and the NIST cybersecurity framework. A company that relies on technology can benefit from implementing these guidelines as a flexible framework that can accommodate everything from standard information to the Internet of Things.

NIST uses five functions to allow organizations to customize their cybersecurity measures to meet their goals and the unique challenges of their environment, i.e. identify, protect, detect, respond and recover.


Running head: SOX, ISO, NIST FRAMEWORKS

SOX, ISO, NIST Frameworks
Student ID
Instructor Affiliation
Date


Question one
SOX (the Sarbanes-Oxley Act) describes requirements related to the integrity of source data linked to financial transactions and disclosures. It requires the implementation of technical controls. It also needs access to continuous auditing to increase the reliability of data associated with financial transactions. An organization needs to implement different frameworks to ensure that internal controls are well established, for instance ISO, CobiT, COSO and others. The logs contain information which is fatal and can be uti...

