Monday, October 03, 2005
Expert: Regulations shouldn't drive ID management
Organizations should not look to identity management as a simple solution to comply with laws such as the Sarbanes-Oxley Act of 2002, a U.S. law governing financial and internal reporting controls, said Andy Woodfield, director of the IT security team at PricewaterhouseCoopers LLP.
"A lot of media and telecom businesses have grown very quickly, acquired lots of businesses and focused on growing subscriber numbers ... not necessarily on good business process controls," Woodfield said. "So now things like Sarbanes-Oxley are asking to put the controls back in place."
See full Article.