Sarbanes-Oxley IT Compliance Using Open Source Tools, Second Edition

Chapter 7: What's Second

Definition of Information Requirements

"To face tomorrow with the thought of using the methods of yesterday is to envision life at a stand-still. To keep ahead, each one of us, no matter what our task, must search for new and better methods for even that which we now do well must be done better tomorrow."

James F. Bell

At the risk of diminishing the above quote we will venture to relate it in the context of this chapter. If we assume you have followed a quality standards framework such as COBIT or ITIL as a guideline and implemented an conforming IT environment, given the changes and advances in technologies as well as the ever changing requirements of your particular business it would be fool hearted if not even negligent of organization to assume that the implemented methods, practices and infrastructure could persist without evolving as the requirements and needs change. To clearly state the intent of this chapter, it is to setup guidelines for processes, practices and policies to ensure that a company's IT Organization continues to be able to meet the needs of the company by evolving with those needs with an eye to achieving and sustaining necessary compliance objectives.

In this chapter, we will look at the numerous control objectives in the COBIT "Acquisition & Implementation" domain and ITIL materials that relate to change management. Based on our experience, we offer suggestions on how a small to medium-size company might be able to reduce these...

UNLIMITED FREE
ACCESS
TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Category: Information Technology (IT) Staffing Services
Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.