Home page logo
/

basics logo Security Basics mailing list archives

RE: Modelling IT processes / Mapping references
From: "Craig Wright" <cwright () bdosyd com au>
Date: Tue, 7 Mar 2006 15:47:57 +1100


Hi
 
See http://www.isaca.org for COBIT. It has mappings, documents and a partridge in a pear tree. They will want some 
money if you are not a member of the ISACA.
 
ISO17799, ISO27001 (BS7799...) are all copywrited and sold for a fee. SAN's however have a good number of GIAC 
documents relating to these under the G7799 stream.
http://www.giac.org/certified_professionals/listing/g7799.php
 
As for SOX (I assume 302 and 404 requiremnts). This is a financial services audit and I would have a chat with your 
auditors - a great many companies say they can help, but the real test will come to what the auditos are going to test 
and expect and having a chat with them will go a long way.
 
Craig

        -----Original Message----- 
        From: Boubacar Fadiga [mailto:b_fadiga () yahoo fr] 
        Sent: Sat 4/03/2006 7:50 PM 
        To: security-basics () securityfocus com 
        Cc: 
        Subject: Modelling IT processes / Mapping references
        
        
View As Web Page        
Hi All,
Has anyone gone through documentation of IT processes,
in line with ITIL, COBIT, BS(ISO1)7799, SOX,...
Could you please point me to any relevant samples,
guidelines,useful resources?
I am also interested in getting any existing mapping
of the above.
Thanks in advance.
BF


Liability limited by a scheme approved under Professional Standards Legislation in respect of matters arising within 
those States and Territories of Australia where such legislation exists.

DISCLAIMER
The information contained in this email and any attachments is confidential. If you are not the intended recipient, you 
must not use or disclose the information. If you have received this email in error, please inform us promptly by reply 
email or by telephoning +61 2 9286 5555. Please delete the email and destroy any printed copy.  

Any views expressed in this message are those of the individual sender. You may not rely on this message as advice 
unless it has been electronically signed by a Partner of BDO or it is subsequently confirmed by letter or fax signed by 
a Partner of BDO.

BDO accepts no liability for any damage caused by this email or its attachments due to viruses, interference, 
interception, corruption or unauthorised access.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]