I recently found a Sarbanes-Oxley (SOX) Space Lazer (sic) on a network security diagram. No kidding. The following items also appeared:
- Interstate 495
- Wang 5000
- Peanut butter
- Printer of evil
- Gene Hackman
- Automated Retirement Party Flyer Generation Appliance
David S. Hilzenrath, of the Washington Post, writes:
The Supreme Court yesterday agreed to consider a challenge to the Sarbanes-Oxley Act of 2002, the centerpiece of the government’s response to the watershed accounting scandals at Enron and Worldcom. Continue reading
Bruce Schneier has 5 questions for assessing security and the trade-offs that are made during the assessment process.
- What assets are you trying to protect?
- What are the risks to these assets?
- How well does the security solution mitigate those risks?
- What other risks does the security solution cause?
- What trade-offs does the security solution require?
Filed under Audit, Security