Post #198,204
3/12/05 1:06:02 PM
|
New Forum Request?
How about a Compliance or Governance forum? For things like Sarbanes Oxley and HIPAA?
Glen Austin
|
Post #198,208
3/12/05 1:47:00 PM
|
-1. Where's the traffic?
I've seen perhaps two posts on those subjects..? A "Dumb Online Tests" forum might be more helpful. >:)
|
Post #198,209
3/12/05 2:08:30 PM
|
There doesn't seem to be much discussion out there.
E.g. [link|http://www.insidesarbanesoxley.com/sarbanes_oxley_blog/|Inside Sarbanes-Oxley] is a blog with recent articles. It shows up as #2 in a Google search for "sarbanes oxley blog". But it has no comments in any of the articles on the front page.
Similarly, the first [link|http://hipaablog.blogspot.com/|HIPAA blog] that I found lists no comments.
I think the secret to build traffic is to discuss something that shows up in a Google search (like SSL on the AS/400) or get traffic here from another site. My guess is that most who are concerned about SOX and HIPAA are much more comfortable with letting lawyers handle the issues than talking about them on public forums. I suspect it'll take years for that to change.
My $0.02.
Cheers,
Scott.
|
Post #198,210
3/12/05 2:21:19 PM
|
Agreed
Anybody who discusses specific implementation details of HIPAA or Sarbox in a public forum is probably skating on some mighty fine ice.
|
Post #198,212
3/12/05 2:29:05 PM
|
True; but how specific do you have to get?
[link|http://forfree.sytes.net|
] Imric's Tips for Living
- Paranoia Is a Survival Trait
- Pessimists are never disappointed - but sometimes, if they are very lucky, they can be pleasantly surprised...
- Even though everyone is out to get you, it doesn't matter unless you let them win.
|
Nothing is as simple as it seems in the beginning,
As hopeless as it seems in the middle,
Or as finished as it seems in the end.
|
|
Post #198,247
3/12/05 5:44:26 PM
|
Discussing any potential problems is even thinner
There seems to be a lot of room for interpretation in auditing. Should you do something that one auditor asks, and a later auditor decides that you should be doing it a different way, I have to think that public documentation of doubts about the first way of doing it would create a legal liability.
And that's a fairly safe topic. Discussion of ways in which people aren't doing what they are supposed to be doing (or are doing it but slower than you want) would be much worse.
So your choice is either to, like Skip, talk about how well things are going for you, or to speak in vague generalities. Neither is likely to be useful for people who want help.
Cheers,
Ben
I have come to believe that idealism without discipline is a quick road to disaster, while discipline without idealism is pointless. -- Aaron Ward (my brother)
|
Post #198,257
3/12/05 6:47:07 PM
|
*chuckle* Actually, I'm doing both.
Vague is good, in this context.
[link|http://forfree.sytes.net|
] Imric's Tips for Living
- Paranoia Is a Survival Trait
- Pessimists are never disappointed - but sometimes, if they are very lucky, they can be pleasantly surprised...
- Even though everyone is out to get you, it doesn't matter unless you let them win.
|
Nothing is as simple as it seems in the beginning,
As hopeless as it seems in the middle,
Or as finished as it seems in the end.
|
|
Post #198,211
3/12/05 2:27:03 PM
|
I'm the Sarbanes guy in my shop :-|
And I don't wanna talk about it.
Well, no, it's not that bad. We've been putting most of the controls required in place anyway, over the past year. The only problem has been gettng people to actually comply - and I've been tightening the noose slowly via audit logs, etc. over the last few months anyway. So I really don't have many questions. Most of the IT Sarbanes stuff has been commons sense really. Change controls, separation of development, testing, and live envronments, documented backups and security procedures, etc, etc. Our MIS has been giving me 100% support in this, a lot of the technical controls are trivial to set up on the '400. We have consultants to help make sure our bases are covered; the main guy I've been working with has said that we are one of the easest jobs he's had. He's basically just had to turn our written controls and our normal procedures into Visio documents.
*shrug*
There. I've prolly said about 90% of what I'd say in such a forum... Perhaps a thread or two under General Q&A?
[link|http://forfree.sytes.net|
] Imric's Tips for Living
- Paranoia Is a Survival Trait
- Pessimists are never disappointed - but sometimes, if they are very lucky, they can be pleasantly surprised...
- Even though everyone is out to get you, it doesn't matter unless you let them win.
|
Nothing is as simple as it seems in the beginning,
As hopeless as it seems in the middle,
Or as finished as it seems in the end.
|
|
Post #198,278
3/12/05 8:28:08 PM
|
If i talk about SOX, I'd have to...
...charge you money. :-)
Building SOX documentation tools on this end, but seriously not too money people are willing to discuss unless you have (a) money and (b) confidentiality agreements.
|
Post #198,308
3/13/05 1:02:22 AM
|
-1, I'm not talking about that if I'm not getting paid.
Dude. There are limits to the sick stuff I'll do on my own dime, y'know.
Peter
[link|http://www.ubuntulinux.org|Ubuntu Linux]
[link|http://www.kuro5hin.org|There is no K5 Cabal]
[link|http://guildenstern.dyndns.org|Home]
Use P2P for legitimate purposes!
|
Post #198,336
3/13/05 10:19:27 AM
|
Post your PayPal link. I'll chip in some change. :-)
|
Post #198,364
3/13/05 5:02:02 PM
|
Re: Post your PayPal link. I'll chip in some change. :-)
[link|https://www.paypal.com/xclick/business=peter%2ewhysall%40ntlworld%2ecom&no_shipping=0&no_note=1&tax=0¤cy_code=GBP|https://www.paypal.c...currency_code=GBP]
You'll need a lot of lolly to get much conversation out of me on this subject :-)
Peter
[link|http://www.ubuntulinux.org|Ubuntu Linux]
[link|http://www.kuro5hin.org|There is no K5 Cabal]
[link|http://guildenstern.dyndns.org|Home]
Use P2P for legitimate purposes!
|
Post #198,373
3/13/05 5:16:18 PM
|
25 lbs?!? I expect a book chapter for that much!
That's about a week's pay the way the dollar has dropped recently!
Cheers,
Scott.
|
Post #198,361
3/13/05 4:48:33 PM
|
No-way.
I don;t even like to talk about this crap at the office. There I need to talk about it. Those "Not Held Harmless' problems and so on SUCK.
-- [link|mailto:greg@gregfolkert.net|greg], [link|http://www.iwethey.org/ed_curry|REMEMBER ED CURRY!] @ iwethey[link|http://it.slashdot.org/comments.pl?sid=134485&cid=11233230|"Microsoft Security" is an even better oxymoron than "Military Intelligence"] No matter how much Microsoft supporters whine about how Linux and other operating systems have just as many bugs as their operating systems do, the bottom line is that the serious, gut-wrenching problems happen on Windows, not on Linux, not on Mac OS. -- [link|http://www.eweek.com/article2/0,1759,1622086,00.asp|source]
|
