Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
2005
A Sarbanes-Oxley (SOX)
Compliance Driven Risk
Assessment Model
Team:
Mahesh Babu
Chetak Sirsat
Sarbanes-Oxley Act of 2002
• Threat Definition
– Source, Motivation, Action, Resource,
Capability
• Threat Categorization
• Threat Evaluation
• SOX compliance related threats
identified based on previous audit
findings and the results of the
application assessment from Step 1.
Step 4: Vulnerability Identification