The Sarbanes-Oxley (SOX) Act, passed in July 2002, is the most dramatic change to federal securities laws since the 1930s. The Act radically redesigns federal regulation of public company corporate governance and reporting obligations. It also significantly tightens accountability standards for directors, officers, auditors, securities analysts, legal counsel, and IT departments. Even if your help desk does not setup user accounts, or deal directly with audits, you still need to be aware of all the violations your team can make. Here are some points to consider.
VPN: Does VPN access open people up to your entire network, or is it broken up into groups such as employees & contractors? Do you allow contract employees to have the same VPN access as employees? If you do, perhaps you should re-think that. If you do separate contractors and employees, how easy is it for someone to get the wrong .pcf file that allows them access to your entire network? Did you include the group .pcf file in any of your computer images? 
Password reset: Your help desk should be very savy to all the tricks used to access information. Does your help desk verify personal information for password resets? Suppose an employee decides they want to login as their manager to change their own personnel file? How easy would it be to access financial data the same way?
Contractors: Do contractors get the same level of access as employees? Do you setup contractor accounts to expire when the contracts expire?
Account setups: This is too broad of a subject for one blog entry, but if your help desk agents setup accounts, it is important that they understand the proper approval processes. Does your help desk verify that proper approval has been granted before setting up accounts or increasing access? Personnel access to financials and proprietary information should require careful review.
What are your thoughts about this topic? Tell me about it. Post a comment.
Here are a couple of software reviews for ticketing systems designed to help you implement a SOX compliant service desk:
Help Desk Software: LiveTime Offers an ITIL Certified Service Management Software
Help Desk Software: Web Help Desk May Be the Life Preserver For Your Help Desk
In this era market depends upon customer satisfaction. The priority is how to satisfied the customers quick & effective responds?. Help desk services are useful for customer satisfaction as per their needs by providing service 24 X 7 *365" & at present era help desk is a such service which is giving full satisfaction to the customer by solving their queries within some short span of time. Thus we can say that is a proving by self as a boon to business as growth of business totally depends upon the Customer Satisfaction.
Posted by: Kamal Kumar | June 13, 2008 4:00 AM | Permalink to Comment