SOX Compliance for IT
IT SOX Compliance: Cost-effective, risk-based compliance
The Sarbanes-Oxley Act (SOX) requires all publicly held companies to establish internal controls and procedures for financial reporting to reduce the possibility of corporate fraud. Being SOX compliant means your entire IT infrastructure, from server and network security to IT practices and operations, must be reinforced and configured to maintain and demonstrate continuous IT SOX compliance in the event of an audit.
Tripwire gives IT internal controls to continually collect and protect sensitive information needed to report evidence of IT SOX compliance, making audits quick and cost effective.
Tripwire delivers a comprehensive solution by:
- Addressing the Acquire and Implement (AI) and Delivery and Support (DS) guidelines of COBIT with out-of-the-box change audit reporting and a library of COBIT configurations.
- Comparing configurations of systems to “gold systems”, reporting and remediating configuration items that vary from the “golden system” standard.
- Identifying authorized and unauthorized changes or suspicious event activity over a period of time with reports that display trends in the effectiveness of and adherence to change process controls.
- Providing industry standards and benchmarks to automatically assess configurations, determining the degree of risk for operational, regulatory and security vulnerabilities.
- Continuously maintaining a known and trusted state by establishing a secure baseline against which to measure change, and then automating the repair of configuration items if they fall out of compliance.
COBIT
The Control Objectives for Information and related Technology (COBIT) framework helps organizations get the most value from their technology investments by offering guidance for IT governance and controls. Portions of the framework focus on the delivery and support aspects of information systems, and Tripwire Enterprise incorporates the COBIT framework through custom configuration assessment profiles used to help organizations maintain compliance with those parts of the standard.



