Sarbanes-Oxley Audit. HELP!!!!

Home Forums Server Operating Systems Windows Server 2000 / 2003 / 2003 R2 Sarbanes-Oxley Audit. HELP!!!!

Viewing 1 post (of 1 total)
  • Author
  • #127704

    Our company is preparing for a test audit in a week and a real audit by the end of the year. We have hired a consulatant, and to be as polite as I can: I’m not impressed.

    I ask questions like “What specifically needs to be shown in the security log?” I get answers like “The report needs to show any problems that might have occured.”

    I tried pinning him down and asking about specific event IDs for example, and got a deer in the headlights answer. The bottom line is that this person knows the very broad requirements, but none of the specific requirements of a Windows Server 2003 environment.

    The auditor at the end of the year, unfortunately is not the some “consultant” we have helping us right now.

    So, I am getting set up for failure at this point is my feeling.

    I desperately need a specific list of what is audited in a Windows Server 2003 enviroment. I need to know where the auditors go and what they look at so I can pass this audit. I need to know what reports are needed and the best way to generate them.

    So far all I seem to be able to find are generalities.

    Any help anyone can offer would be great.

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.