• If a corporation is using e-signatures on documentation, will the e-signature cause a failure in a SOX audit?

    Currently we are debating whether or not e-signatures should be allowed as management approval. One co-worker specifically stated e-signatures are not allowed by SOX. I cannot find any arguments in favor or opposed to this claim. Do you have any information regarding e-signatures and SOX...

    BrianBorsc5 points
  • How long are you required to keep phone recordings for PCI Compliance

    Call Center taking calls with credit card information given. How long are we to keep these recordings for PCI Compliance?

    LCooley5 points
  • Apache SSLCipherSuite continues to fail in PCI compliance scan

    We have a Fedora server that's running on Apache to pass a PCI DSS compliance scan by McAfee. Here's what we used for the default SSLCipherSuite and SSLProtocol. SSLProtocol ALL -SSLv2 SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP So it failed because of weak ciphers. We changed it...

    ITKE1,004,850 points
  • External IT company auditing security and policies

    We have an external IT company auditing our security and policies. What kind of access should we give them? Should we be worried about auditing the auditors?

    Troubleshooter24755 points
  • Internet Explorer vs. Firefox

    Hello, I'm the Assistant Editor on SearchWindowsSecurity.com. I'm looking to start a discussion about what browser people are using and why. Also, is anyone considering switching from IE to Firefox, or are your plans to stay with IE? Here's some food for thought... As of Feb. 2005, an estimated 35...

    LMullen0 points
  • Finger Print in PCI Compliance

    I would like to know recommendation about finger printing scan in PCI perspective. Thanks

    alinaeem5 points
  • layer 2 & layer 3 switch

    Hi All, what is the basic difference between a layer 2 & layer 3 switch? How can I configure a layer 2 & layer 3 manageable switch?

    Psharma11760 points
  • BCM vs. Risk Management

    While introducing GRC, all the risks are taken in to consideration & countermeasures are defined, why we need BCM separately?

    SanjayBirari15 points
  • System to System Process Communications

    For interactive remote access (IRA) into devices within protected security perimeters, IRA is currently limited to Humans at keyboards. What would constitute system to system communications from outside of an electronic security perimeter to devices internal to the perimeter?

    jerry10215 points
  • Compliance conferences

    What are some good IT Security Compliance conferences to attend? Thanks, Kevin

    compliancechecker5 points
  • TIC compliant

    How would I go about making our SaaS LMS TIC compliant?

    Jscullion5 points
  • Return using another SAP platform

    A year or so ago an expensive material was shipped to another country. Now the country wants to ship it back but the part of the company that entered the order doesn't want to process the return nor give a credit to the customer. It is against SOX guidelines to enter a PO in another SAP platform and...

    soxquestions1235 points
  • Uninstallation of Norton WMI update

    Respected recipient, I am currently having trouble uninstalling the Norton anti-virus VMI update. My company got Norton anti-virus software installed on the system from the Norton anti-virus software CD and it was not Norton SystemWorks, just the Norton anti-virus software. After some days, it...

    Nishant70 points
  • Network Connection Freezes

    For some reason, at random, among 20 PCs on my network, in the morning or during the day, the network connection stops responding for both intranet and internet communications. The only solution thus far is to remove the NIC from the Device Manager, reboot the PC, and let Windows XP Pro find the...

    DboiSOBE0 points
  • How to use VCM research to determine how we can capture reports to ensure compliance

    Which reports in VCM are affected by Sarbanes-Oxley Act?

    jg97345 points
  • Allow regular user to unlock screensaver locked computer

    We have the problem that in a multiuser environment users either lock their computers, or have the screensaver automatically lock it, and leave the workstation. As a result, nobody else can use that computer. By default, only the current user or an administrator can unlock the computer. I would like...

    AdminGurl0 points
  • Make schedules of compliance

    How can I make schedules of compliance?

    akshu3310 points
  • How can I make schedules in cloud compliance software?

    Our company has cloud compliance software and I'm new to this company. I don't know how to make schedules for showing compliance in the dashboard.

    akshu3310 points
  • How to become ISO 27002 compliant

    We are being asked by a key customer to be ISO 27002 compliant. We have already provided all of the items to them related to 27002 including SSO enabled, Security Test and IDM. We need to turn a certification quickly - what is the scope and timing and cost of such audit?

    steveragan5 points
  • Role of QIR

    If someone is a QIR and they are going to install the certified payment application at a merchant site, but find that the merchant is running a non-compliant OS, then doesn't the QIR have to stop the install or proceed to perform the install but note that it was not installed per the applications...

    kbrown19135 points
