As many people may already know, I’m working on a SQL Server security book which is due out in Q1 of next year. One thing which I’m including in the book is checklists that people can follow to help them pass the various audits which we as IT professionals now have to pass. If you’ve got a checklist that you use at work that you are able to share, I would really appreciate it if you could send it over to me. The reason that I’m putting out this call is that every auditor looks for different information, so I’m trying to put together a sort of master list of items to look at.
I’m going to collect the various checklists and combine them into a sort of master check for each type of external audit. I’m sure that there are more audits than what I’m listing here, so if you know of a type of audit that you’ve had to deal with, feel free to send it over as well. I know of PCI, SOX (Sarbanes–Oxley), and HIPAA audits.
If you don’t have a checklist but you have an audit you’d like to share (please be sure not to get yourself fired for sending it to me), I can take that and turn it into a checklist. If you send an audit, I’ll be sure to not publish any confidential information about your company.
Anything that you can find and send between now and the end of September 2010 would be great, as that will give me a couple of weeks to put everything together for my editor. Anything you can send, please send to mrdenny AT mrdenny DOT com.