DocumentCode
1804180
Title
An Efficient Framework for IT Controls of Bill 198 (Canada Sarbanes-Oxley) Compliance by Aligning COBIT 4.1, ITIL v3 and ISO/IEC 27002
Author
Huang, Zhitao ; Zavarsky, Pavol ; Ruhl, Ron
Author_Institution
Coll. of Alberta, Dept. of Inf. Syst. Security, Concordia Univ., Edmonton, AB, Canada
Volume
3
fYear
2009
fDate
29-31 Aug. 2009
Firstpage
386
Lastpage
391
Abstract
Canadian companies have been struggling with the Bill 198 (CSOX) compliance. The main problem is the lack of clear guidelines and the non-existence of a specific compliance process the IT staff could use to achieve the IT control objectives of the Bill 198. This research paper demonstrates a possibility of creating a new comprehensive framework to accomplish the compliance goal by aligning three existing effective frameworks COBIT 4.1, ITIL v3, and the ISO/IEC 27002 standard. It is shown in the paper, that relative to the current CSOX compliance practices, the new framework provides for higher efficiency and reduction of resources needed to comply with the Bill.
Keywords
ISO standards; law; telecommunication standards; Bill 198 compliance; COBIT 4.1; CSOX compliance practice; ISO/IEC 27002 standard; IT controls; ITIL v3; compliance goal; compliance process; information technology; Environmental management; Humans; IEC standards; ISO standards; Laboratories; Peer to peer computing; Protocols; Public key; Security; Testing; Bill 198; COBIT; CSOX; ISO27002; ITIL; compliance;
fLanguage
English
Publisher
ieee
Conference_Titel
Computational Science and Engineering, 2009. CSE '09. International Conference on
Conference_Location
Vancouver, BC
Print_ISBN
978-1-4244-5334-4
Electronic_ISBN
978-0-7695-3823-5
Type
conf
DOI
10.1109/CSE.2009.336
Filename
5283287
Link To Document