in

Platinum Bay

Peace, Love, and...

This Blog

Syndication

Tags


.NETicated

Microsoft Publishes VSTS SOX Guidance

About two months ago I started a series on Sarbanes-Oxley compliance with Team Foundation Server. After publishing Part 2, I learned that Microsoft was in the process of putting together their own take on the subject, and I thought I would hold off until the release.

That paper has now been released. You can get it here.

All in all, I feel there are several SOX 404 issues that are not discussed or discussed only briefly which are relevant to a regulated organization. One of these topics is separation of duties. However, I further realize that I was approaching Sarbanes-Oxley compliance from a very narrow perspective.

I used to work for a financial services software company. In that environment, every line of code that went into the software was governed by Sarbanes-Oxley (and others), and therefore had to comply with all aspects of SOX. This is not the more general approach taken by the Microsoft paper.

But overall I feel Microsoft did a good job putting it together. What do you think? Did it cover all your issues?

Published Apr 09 2008, 09:38 PM by Steve
Filed under: ,

Comments

No Comments

Leave a Comment

(required )  
(optional )
(required )  
Add

About Steve

Steve Andrews is an independent consultant, INETA speaker, and Microsoft MVP for Visual Studio ALM. He has been working in technology for over ten years focusing on custom application development and Application Lifecycle Management. Steve is also Microsoft and IBM certified and a community fanatic having led sessions at nearly 100 events across North America. When he's not developing software solutions or engaging with the community about software technology, Steve is a closet singer and songwriter and plays the guitar and keys. Occasionally, Steve even gets to sleep. Occasionally.
Powered by Community Server (Commercial Edition), by Telligent Systems
© Platinum Bay | Some Rights Reserved Creative Commons License

Disclaimer: The information in this weblog is provided "AS IS" with no warranties, and confers no rights. This weblog does not represent the thoughts, intentions, plans or strategies of my employer. It is solely my opinion. Feel free to challenge me, disagree with me, or tell me I'm completely nuts in the comments section of each blog entry, but I reserve the right to delete any comment for any reason whatsoever (abusive, profane, rude, or annonymous comments) - so keep it polite, please.