HP: SOX404 Compliance, Business Process Monitoring Tools
Every CEO knows the scale of effort required for SOX404-compliance. In this paper, HP discusses how its open standard principles, business process monitoring tools and skilled, dedicated people are absolutely essential to the company’s initial compliance drive and sustaining that effort.
HP shares the experiences and insights it has gained in working to address its own plans for compliance with Sarbanes-Oxley 404. From the perspective of HP, the challenge is best approached with the right combination of people, processes and technology. Applying the principles of open standards reference models, including our own HP ITSM Reference Model, in a step-by-step manner, has given everyone in the company a common language and a common process-based approach to use in planning and documentation. Additionally, it is important for this common language to fit within the overarching control framework, COSO, to allow for easy roll-out and translation of COSO into components to which each of the businesses and functional areas within HP can relate to.
The HP approach has been to use the standard reference models to describe the control environment and then begin to use this to implement monitoring solutions. In taking this approach, the goal for HP is to use these common language and frameworks to help better communicate business processes, their supporting controls and the IT applications and data centers that support them in working towards continued business improvement and ongoing monitoring of controls within the COSO framework.
To download the full white paper, please follow the Hewlett Packard - Featured Supplier link below.