Originally posted by Mr. Security
There are reasons why laws like HIPPA and SarOx were passed. And still, the IT and corporate communities are screaming, "Where's our ROI on SarbOx compliance?!"
You don't GET ROI. You follow the law because jackasses like the board at Enron tried to make some cash destroying our economy. You want ROI? Then figure out the cheapest method of deploying the SarbOx controls required by law, and make sure they're done right, so your not expending capital redoing the efforts over and over again.
Leave a comment: