Linux Advisory Watch: July 7th 2006
Source: LinuxSecurity.com Contributors - Posted by Benjamin D. Thomas
This week, advisories were released for openoffice, libwfm, kernel, opera,
kdebase, and acroread. The distributors include Debian, Mandriva, and SuSE.
Looking at the integrity and accountability of financial reporting
has become headline news. Widely publicized financial scandals have
caused damage to investor, employee, and customer confidence.
Government and regulatory agencies have enacted and are starting to
enforce new regulations for corporate governance to restore
confidence and trust. The response from the United States government
regarding the Enron, WorldCom, and Tyco accounting scandals of the
late 1990s was the Sarbanes-Oxley Act (The Act) of 2002. It
establishes standards for maintaining and preserving electronic
and paper records in addition to the accountability of corporate
executives, employees, and auditors. The Act contains 11 titles and
also established new standards for corporate accountability and
penalties of fines and imprisonment. Under the act, companies must
validate financial statements, maintain auditing practices, report
on the effectiveness of the internal controls, and assure integrity
and timeliness of data.
The main purpose of the legislation is to hold organizations and
their executives responsible for the validity of corporate
reporting. It requires all companies with public interests to
have their executives attest to the accuracy of the company's
financial condition and disclose internal weaknesses.
An article written by Guardian Digital Inc. says that, "As mandated
by SOX (the Sarbanes-Oxley Act), corporations can accommodate these
regulations through the design, implementation, and maintenance of
efficient and effective internal controls."
There are many sections to the SOA that President Bush signed.
According to Matthew Bender in the book "The Sarbanes Oxley Act
of 2002 with Analysis", SOA contains two provisions requiring CEOs
and CFOs to certify certain SEC filings. The first section requires
them to certify that they have reviewed the annual and quarterly
reports, that the reports do not contain any untrue statement or omit
a material fact, that the information fairly represents the company's
situation, and that they have disclosed any deficiencies in or changes
to the internal controls. The second section requires that when a
report is filed, the CEO or CFO must provide a written statement that
it fully complies with the requirements and fairly represents the
financial and operational results. If they certify the report
knowing that it is false, they can face criminal penalties.
The Community edition of EnGarde Secure Linux is completely free and open source.
Updates are also freely available when you register with the Guardian Digital
Secure Network.
EnGarde Secure Linux v3.0.7 Now Available - Guardian Digital is happy to
announce the release of EnGarde Secure Community 3.0.7 (Version 3.0, Release
7). This release includes several bug fixes and feature enhancements to
the Guardian Digital WebTool and the SELinux policy, several updated packages,
and several new packages available for installation.
Linux File & Directory Permissions Mistakes - One common mistake Linux
administrators make is having file and directory permissions that are far
too liberal and allow access beyond that which is needed for proper system
operation. A full explanation of Unix file permissions is beyond the scope
of this article, so I'll assume you are familiar with the usage of such
tools as chmod, chown, and chgrp. If you'd like a refresher, one is available
right here on linuxsecurity.com.
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to security-discuss-request@linuxsecurity.com
with "subscribe" as the subject.
Thank you for reading the LinuxSecurity.com
weekly security newsletter. The purpose of this document is to provide our readers
with a quick summary of each week's most relevant Linux security headlines.
Debian
Debian: New OpenOffice.org packages fix several vulnerabilities
29th, June, 2006
Several vulnerabilities have been discovered in OpenOffice.org,
a free office suite. The Common Vulnerabilities and Exposures Project
identifies the following problems: CVE-2006-2198 CVE-2006-2199 CVE-2006-3117
http://www.linuxsecurity.com/content/view/123375
Debian: New OpenOffice.org packages fix arbitrary code execution
6th, July, 2006
Loading malformed XML documents can cause buffer overflows in
OpenOffice.org, a free office suite, and cause a denial of service or
execute arbitrary code. It turned out that the correction in DSA 1104-1
was not sufficient, hence, another update.
http://www.linuxsecurity.com/content/view/123458
Multiple buffer overflows in the gd graphics library (libgd)
2.0.21 and earlier may allow remote attackers to execute arbitrary code
via malformed image files that trigger the overflows due to improper calls
to the gdMalloc function. (CVE-2004-0941)
Integer overflows were reported in the GD Graphics Library (libgd)
2.0.28, and possibly other versions. These overflows allow remote attackers
to cause a denial of service and possibly execute arbitrary code via
PNG image files with large image row values that lead to a heap-based
buffer overflow in the gdImageCreateFromPngCtx() function. Libwmf contains
an embedded copy of the GD library code. (CVE-2004-0990)
Update:
The previous update incorrectly attributed the advisory text to CVE-2004-0941,
while it should have been CVE-2004-0990. Additional review of the code
found fixes for CVE-2004-0941 were missing and have also been included
in this update.
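As an added example (not libgd's or libwmf's code) illustrating the bug class behind the CVE-2004-0990 entry above: a dimension taken from an untrusted PNG header is multiplied into an allocation size in 32-bit arithmetic, wraps to a small value, and the buffer allocated from it is then overrun by the first row the decoder writes. The overflow-prone computation is shown next to an overflow-checked one. The 13-byte IHDR layout and the per-colour-type channel counts follow the PNG specification; the struct and function names, the MAX_PIXELS policy cap, and the two sample headers are constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define PNG_MAX_DIM 0x7FFFFFFFu  /* PNG spec: width and height are at most 2^31 - 1 */
#define MAX_PIXELS  (1u << 28)   /* assumed decoder policy: refuse images above 268M pixels */

struct img_hdr {
    uint32_t width, height;
    uint8_t  bit_depth, color_type;
    uint32_t bpp;                 /* bytes per pixel derived from depth and colour type */
};

static uint32_t be32(const unsigned char *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/* Parse the 13-byte IHDR payload (width, height, bit depth, colour type, ...).
 * Returns 1 on success, 0 if the payload is short or the fields are not valid PNG values. */
int parse_ihdr(const unsigned char *buf, size_t len, struct img_hdr *h)
{
    /* Channel count per PNG colour type: 0 grey, 2 RGB, 3 palette, 4 grey+alpha, 6 RGBA. */
    static const uint8_t channels_for[7] = { 1, 0, 3, 1, 2, 0, 4 };
    if (len < 13)
        return 0;
    h->width      = be32(buf);
    h->height     = be32(buf + 4);
    h->bit_depth  = buf[8];
    h->color_type = buf[9];
    if (h->color_type > 6 || channels_for[h->color_type] == 0)
        return 0;
    if (h->bit_depth != 1 && h->bit_depth != 2 && h->bit_depth != 4 &&
        h->bit_depth != 8 && h->bit_depth != 16)
        return 0;
    /* Sub-byte depths are rounded up to one byte per channel here (a simplification). */
    h->bpp = channels_for[h->color_type] * (h->bit_depth == 16 ? 2u : 1u);
    return 1;
}

/* "Before": the overflow-prone pattern. The multiply happens in 32 bits, so a width just
 * above 2^30 with 4 bytes per pixel wraps to 4; an allocation of that size is overrun by
 * the first row written. The value is returned so the wrap can be observed. */
uint32_t naive_row_bytes(const struct img_hdr *h)
{
    return h->width * h->bpp;
}

/* "After": validate dimensions against the format limit and a policy cap, then compute
 * the allocation in size_t with explicit overflow checks. Returns 1 and sets *out on success. */
int checked_image_bytes(const struct img_hdr *h, size_t *out)
{
    if (h->width == 0 || h->height == 0 || h->bpp == 0)
        return 0;
    if (h->width > PNG_MAX_DIM || h->height > PNG_MAX_DIM)
        return 0;
    /* Both operands are below 2^31, so this product cannot overflow a uint64_t. */
    if ((uint64_t)h->width * h->height > MAX_PIXELS)
        return 0;
    if (h->bpp > SIZE_MAX / h->width)
        return 0;                       /* row size would overflow size_t */
    size_t row = (size_t)h->width * h->bpp;
    if (h->height > SIZE_MAX / row)
        return 0;                       /* total size would overflow size_t */
    *out = row * h->height;
    return 1;
}

/* Constructed IHDR payloads (not taken from any real file). */
const unsigned char SAMPLE_IHDR_640x480_RGBA[13] = {
    0x00, 0x00, 0x02, 0x80,  0x00, 0x00, 0x01, 0xE0,  8, 6, 0, 0, 0 };
const unsigned char SAMPLE_IHDR_HOSTILE[13] = {       /* width 0x40000001, height 1, RGBA */
    0x40, 0x00, 0x00, 0x01,  0x00, 0x00, 0x00, 0x01,  8, 6, 0, 0, 0 };

int main(void)
{
    const unsigned char *samples[2] = { SAMPLE_IHDR_640x480_RGBA, SAMPLE_IHDR_HOSTILE };
    for (int i = 0; i < 2; i++) {
        struct img_hdr h;
        size_t bytes = 0;
        if (!parse_ihdr(samples[i], 13, &h)) {
            puts("invalid IHDR");
            continue;
        }
        int ok = checked_image_bytes(&h, &bytes);
        printf("%ux%u bpp=%u: naive row bytes=%u, checked: %s",
               h.width, h.height, h.bpp, naive_row_bytes(&h), ok ? "ok" : "rejected");
        if (ok)
            printf(" (%zu bytes)", bytes);
        putchar('\n');
    }
    return 0;
}
```

The policy cap is what makes the hostile header cheap to reject: after it, the remaining size_t checks are defence in depth that cannot trigger on a 64-bit build, but they keep the function correct on 32-bit targets where size_t is as narrow as the wrapped product.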