Manage Operations - Morland-Austin

IT GRC Knowledge Base » IT Compliance Management » IT Compliance Management – SOX 404 » SOX IT Controls » Manage Operations

This article provides an overview of SOX 404 control Manage Operations.

The typical SOX 404 IT controls for Manage Operations are outlined below.

Description: Systems are adequately maintained through standard procedures and processes, vendor management, monitoring, vulnerability management and facilities management.

Control Objective: A documented process exists and is enforced to perform approved operational procedures, manage outsourced IT services, monitor IT infrastructure and manage environments and facilities.

Typical Evidence:

The process describes the patching strategy.
There is a documented process for applying patches.
The process defines when patching will occur.
The process demonstrates that patches are reviewed before implementation.

For more information please contact Morland-Austin at info@morland-austin.com.

Find your way around our IT GRC Framework Educate & Explore

Where next?

Increase your knowledge
Links & relationships within the framework

Find out how Manage Operations link(s) and relate(s) to:

Speak to one of our experts

Our IT GRC experts can help you with guidance and consultancy on ‘IT Compliance Management – SOX 404’