[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <BAY106-F24468E7441ECEBA1880198944D0@phx.gbl>
Date: Thu Dec 1 16:11:43 2005
From: wilder_jeff at msn.com (wilder_jeff Wilder)
Subject: Re: SOX whistleblowers' clause Compliance
Can some please send me the actual regulation that states or validates the
comments of
http://www.nonprofitrisk.org/nwsltr/archive/employprac091005-p.htm ?
I am in this very situation right now.
-Jeff Wilder
CISSP,CCE,C/EH
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GIT/CM/CS/O d- s:+ a C+++ UH++ P L++ E- w-- N+++ o-- K- w O- M--
V-- PS+ PE- Y++ PGP++ t+ 5- X-- R* tv b++ DI++ D++
G e* h--- r- y+++*
------END GEEK CODE BLOCK------
>From: "Aditya Deshmukh" <aditya.deshmukh@...ine.gateway.strangled.net>
>Reply-To: adityad2005@...rs.sourceforge.net
>To: "'InfoSecBOFH'" <infosecbofh@...il.com>
>CC: full-disclosure@...ts.grok.org.uk
>Subject: RE: [Full-disclosure] Re: SOX whistleblowers' clause Compliance
>Date: Thu, 1 Dec 2005 11:36:10 +0530
>MIME-Version: 1.0
>Received: from lists.grok.org.uk ([195.184.125.51]) by
>bay0-mc7-f4.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.211); Wed, 30
>Nov 2005 22:20:01 -0800
>Received: from lists.grok.org.uk (localhost [127.0.0.1])by
>lists.grok.org.uk (Postfix) with ESMTP id D0597A1C;Thu, 1 Dec 2005
>06:19:51 +0000 (GMT)
>Received: from Online.GateWay.TechnoPagans.COM (unknown [220.224.19.31])by
>lists.grok.org.uk (Postfix) with ESMTP id CA6009C8for
><full-disclosure@...ts.grok.org.uk>;Thu, 1 Dec 2005 06:19:04 +0000 (GMT)
>Received: from c5 (localhost [127.0.0.1])by Online.GateWay.Strangled.NET
>with ESMTP (Mailtraq/2.7.1.1894) idONLN2AF3A0C3; Thu, 01 Dec 2005 11:36:12
>+0530
>X-Message-Info: JGTYoYF78jGGLGElHpjcGS/5PgtYfJvSs6ruuz19gQA=
>X-Original-To: full-disclosure@...ts.grok.org.uk
>Delivered-To: full-disclosure@...ts.grok.org.uk
>Organization: Enterprise Security Solutions
>X-Mailer: Microsoft Office Outlook 11
>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
>Thread-Index: AcX1/vYkXiB6TIi0ToWrzUWPg4XoCgAPLSow
>X-Hops: 1
>X-BeenThere: full-disclosure@...ts.grok.org.uk
>X-Mailman-Version: 2.1.5
>Precedence: list
>List-Id: An unmoderated mailing list for the discussion of security
>issues<full-disclosure.lists.grok.org.uk>
>List-Unsubscribe:
><https://lists.grok.org.uk/mailman/listinfo/full-disclosure>,
><mailto:full-disclosure-request@...ts.grok.org.uk?subject=unsubscribe>
>List-Archive: <http://lists.grok.org.uk/pipermail/full-disclosure>
>List-Post: <mailto:full-disclosure@...ts.grok.org.uk>
>List-Help: <mailto:full-disclosure-request@...ts.grok.org.uk?subject=help>
>List-Subscribe:
><https://lists.grok.org.uk/mailman/listinfo/full-disclosure>,
><mailto:full-disclosure-request@...ts.grok.org.uk?subject=subscribe>
>Errors-To: full-disclosure-bounces@...ts.grok.org.uk
>Return-Path: full-disclosure-bounces@...ts.grok.org.uk
>X-OriginalArrivalTime: 01 Dec 2005 06:20:03.0962 (UTC)
>FILETIME=[445375A0:01C5F63F]
>
> > Seeing how my question was ignored. I will tell you the answer.
> >
> > There is no requirement in SOX to do this.
>
>Why cant you use google to find out this ?
>-------------------------------------------------------------------
>http://www.nonprofitrisk.org/nwsltr/archive/employprac091005-p.htm
>
>*In the para 4*
>"Protecting whistleblowers is an essential component of an ethical
>and open work environment."
>
>*In para 6* <----- this is the one that you want
>"Provide Employees Multiple Avenues to Report Concerns"
>
> While employees will hopefully feel comfortable raising concerns
> directly with their supervisors, many employees are reluctant to
> raise concerns with line management for fear of retaliation,
> especially where their concerns pertain to unethical or illegal
> conduct by their line managers. Therefore, nonprofits should provide
> several options for employees to raise concerns, including the
> option of raising a concern anonymously.
>-------------------------------------------------------------------
>If you read the last line in para 6 you will find that anon mailbox
>is a requirement for SOX compliance.
>
>And mailbox was ment for email Michael :)
>
>But I think that "with a post and some concrete" mailbox will be
>Indeed be far more secure.....
>
>
>
>________________________________________________________________________
>Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com)
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists