• DocumentCode
    1804180
  • Title

    An Efficient Framework for IT Controls of Bill 198 (Canada Sarbanes-Oxley) Compliance by Aligning COBIT 4.1, ITIL v3 and ISO/IEC 27002

  • Author

    Huang, Zhitao ; Zavarsky, Pavol ; Ruhl, Ron

  • Author_Institution
    Coll. of Alberta, Dept. of Inf. Syst. Security, Concordia Univ., Edmonton, AB, Canada
  • Volume
    3
  • fYear
    2009
  • fDate
    29-31 Aug. 2009
  • Firstpage
    386
  • Lastpage
    391
  • Abstract
    Canadian companies have been struggling with Bill 198 (CSOX) compliance. The main problem is the lack of clear guidelines and the non-existence of a specific compliance process the IT staff could use to achieve the IT control objectives of Bill 198. This research paper demonstrates a possibility of creating a new comprehensive framework to accomplish the compliance goal by aligning three existing effective frameworks: COBIT 4.1, ITIL v3, and the ISO/IEC 27002 standard. It is shown in the paper that, relative to the current CSOX compliance practices, the new framework provides for higher efficiency and a reduction of the resources needed to comply with the Bill.
  • Keywords
    ISO standards; law; telecommunication standards; Bill 198 compliance; COBIT 4.1; CSOX compliance practice; ISO/IEC 27002 standard; IT controls; ITIL v3; compliance goal; compliance process; information technology; Environmental management; Humans; IEC standards; ISO standards; Laboratories; Peer to peer computing; Protocols; Public key; Security; Testing; Bill 198; COBIT; CSOX; ISO27002; ITIL; compliance;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computational Science and Engineering, 2009. CSE '09. International Conference on
  • Conference_Location
    Vancouver, BC
  • Print_ISBN
    978-1-4244-5334-4
  • Electronic_ISBN
    978-0-7695-3823-5
  • Type

    conf

  • DOI
    10.1109/CSE.2009.336
  • Filename
    5283287