| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu Dec 1 16:11:43 2005 From: wilder_jeff at msn.com (wilder_jeff Wilder) Subject: Re: SOX whistleblowers' clause Compliance Can some please send me the actual regulation that states or validates the comments of http://www.nonprofitrisk.org/nwsltr/archive/employprac091005-p.htm ? I am in this very situation right now. -Jeff Wilder CISSP,CCE,C/EH -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GIT/CM/CS/O d- s:+ a C+++ UH++ P L++ E- w-- N+++ o-- K- w O- M-- V-- PS+ PE- Y++ PGP++ t+ 5- X-- R* tv b++ DI++ D++ G e* h--- r- y+++* ------END GEEK CODE BLOCK------ >From: "Aditya Deshmukh" <aditya.deshmukh@...ine.gateway.strangled.net> >Reply-To: adityad2005@...rs.sourceforge.net >To: "'InfoSecBOFH'" <infosecbofh@...il.com> >CC: full-disclosure@...ts.grok.org.uk >Subject: RE: [Full-disclosure] Re: SOX whistleblowers' clause Compliance >Date: Thu, 1 Dec 2005 11:36:10 +0530 >MIME-Version: 1.0 >Received: from lists.grok.org.uk ([195.184.125.51]) by >bay0-mc7-f4.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.211); Wed, 30 >Nov 2005 22:20:01 -0800 >Received: from lists.grok.org.uk (localhost [127.0.0.1])by >lists.grok.org.uk (Postfix) with ESMTP id D0597A1C;Thu, 1 Dec 2005 >06:19:51 +0000 (GMT) >Received: from Online.GateWay.TechnoPagans.COM (unknown [220.224.19.31])by >lists.grok.org.uk (Postfix) with ESMTP id CA6009C8for ><full-disclosure@...ts.grok.org.uk>;Thu, 1 Dec 2005 06:19:04 +0000 (GMT) >Received: from c5 (localhost [127.0.0.1])by Online.GateWay.Strangled.NET >with ESMTP (Mailtraq/2.7.1.1894) idONLN2AF3A0C3; Thu, 01 Dec 2005 11:36:12 >+0530 >X-Message-Info: JGTYoYF78jGGLGElHpjcGS/5PgtYfJvSs6ruuz19gQA= >X-Original-To: full-disclosure@...ts.grok.org.uk >Delivered-To: full-disclosure@...ts.grok.org.uk >Organization: Enterprise Security Solutions >X-Mailer: Microsoft Office Outlook 11 >X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 >Thread-Index: AcX1/vYkXiB6TIi0ToWrzUWPg4XoCgAPLSow >X-Hops: 1 >X-BeenThere: full-disclosure@...ts.grok.org.uk >X-Mailman-Version: 2.1.5 >Precedence: list >List-Id: An unmoderated mailing list for the discussion of security >issues<full-disclosure.lists.grok.org.uk> >List-Unsubscribe: ><https://lists.grok.org.uk/mailman/listinfo/full-disclosure>, ><mailto:full-disclosure-request@...ts.grok.org.uk?subject=unsubscribe> >List-Archive: <http://lists.grok.org.uk/pipermail/full-disclosure> >List-Post: <mailto:full-disclosure@...ts.grok.org.uk> >List-Help: <mailto:full-disclosure-request@...ts.grok.org.uk?subject=help> >List-Subscribe: ><https://lists.grok.org.uk/mailman/listinfo/full-disclosure>, ><mailto:full-disclosure-request@...ts.grok.org.uk?subject=subscribe> >Errors-To: full-disclosure-bounces@...ts.grok.org.uk >Return-Path: full-disclosure-bounces@...ts.grok.org.uk >X-OriginalArrivalTime: 01 Dec 2005 06:20:03.0962 (UTC) >FILETIME=[445375A0:01C5F63F] > > > Seeing how my question was ignored. I will tell you the answer. > > > > There is no requirement in SOX to do this. > >Why cant you use google to find out this ? >------------------------------------------------------------------- >http://www.nonprofitrisk.org/nwsltr/archive/employprac091005-p.htm > >*In the para 4* >"Protecting whistleblowers is an essential component of an ethical >and open work environment." > >*In para 6* <----- this is the one that you want >"Provide Employees Multiple Avenues to Report Concerns" > > While employees will hopefully feel comfortable raising concerns > directly with their supervisors, many employees are reluctant to > raise concerns with line management for fear of retaliation, > especially where their concerns pertain to unethical or illegal > conduct by their line managers. Therefore, nonprofits should provide > several options for employees to raise concerns, including the > option of raising a concern anonymously. >------------------------------------------------------------------- >If you read the last line in para 6 you will find that anon mailbox >is a requirement for SOX compliance. > >And mailbox was ment for email Michael :) > >But I think that "with a post and some concrete" mailbox will be >Indeed be far more secure..... > > > >________________________________________________________________________ >Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com) >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.grok.org.uk/full-disclosure-charter.html >Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists