Automating IT Controls and Compliance

COBIT is a controls and compliance policy. SOX and PCI are regulatory mandates. When you get an audit for SOX or PCI compliance, you need to prove that you have policies and function in place and you need evidence. You need to be able to show that you have polices and procedures in place. Log data is vital in compliance. Andy talks about the attributes of a good log management and intelligence system: *Agile reporting *Standardized reporting packages – SOX or PCI compliance that map back to real world compliance controls *Ability to rapidly search vast amounts of log data *Secure storage *Maintaining the chain of custody “We believe th...