| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <3FA6BFDC.4050803@jackhammer.org> From: pdt at jackhammer.org (Paul Tinsley) Subject: Corporate Information Security Accountability Act of 2003 Sorry if this has been discussed already, but I figured many of you would find this interesting and possibly disturbing. http://www.computerworld.com/securitytopics/security/story/0,10801,86455,00.html?nas=PM-86455 October 27, 2003 New Law Would Require Computer Security Audits & Status Reports Computerworld reports new legislation being drafted by Congress would require all publicly-traded companies to conduct independent computer security assessments and report the results yearly in their annual reports. Known as the Corporate Information Security Accountability Act of 2003, the bill is being sponsored by Rep. Adam Putnam, (R-FL), chairman of the House Subcommittee on Technology, Information Policy, Intergovernmental Relations, and the Census. The bill would require companies to inventory their critical IT assets; provide an annual risk assessment; spell out their risk mitigation, incident response and business continuity plans; lay out company policies and procedures for reducing security risks to an acceptable level; and detail tests of the company's security controls and techniques to ensure their effectiveness.
Powered by blists - more mailing lists