The Community for Technology Leaders
2009 International Conference on Computational Science and Engineering (2009)
Vancouver, Canada
Aug. 29, 2009 to Aug. 31, 2009
ISBN: 978-0-7695-3823-5
pp: 386-391
ABSTRACT
Canadian companies have been struggling with the Bill 198 (CSOX) compliance. The main problem is the lack of clear guidelines and the non-existence of a specific compliance process the IT staff could use to achieve the IT control objectives of the Bill 198. This research paper demonstrates a possibility of creating a new comprehensive framework to accomplish the compliance goal by aligning three existing effective frameworks COBIT 4.1, ITIL v3, and the ISO/IEC 27002 standard. It is shown in the paper, that relative to the current CSOX compliance practices, the new framework provides for higher efficiency and reduction of resources needed to comply with the Bill.
INDEX TERMS
CSOX, Bill 198, COBIT, ITIL, ISO27002, compliance
CITATION

Z. Huang, P. Zavarsky and R. Ruhl, "An Efficient Framework for IT Controls of Bill 198 (Canada Sarbanes-Oxley) Compliance by Aligning COBIT 4.1, ITIL v3 and ISO/IEC 27002," 2009 International Conference on Computational Science and Engineering(CSE), Vancouver, Canada, 2009, pp. 386-391.
doi:10.1109/CSE.2009.336
94 ms
(Ver 3.3 (11022016))