Oh hey, I’m an IT auditor, I work on Sox clients during half the year.
That really is an obscure topic, but I’m not sure I want to discuss it outside of work !
Seriously, I’d tune in. We have protocols “for Sox compliance”, but I’ve never been privy to an audit so have no idea if they’re effective.
As a DevSecOps professional, I may have opportunities to make compliance easier or more effective, if I knew how they worked or had any feedback
Edit: I love the idea of ComplianceAsCode mentioned here, and hadn’t read of it before but it looks all about infrastructure while I’m all about product builds
Oh hey, I’m an IT auditor, I work on Sox clients during half the year. That really is an obscure topic, but I’m not sure I want to discuss it outside of work !
Seriously, I’d tune in. We have protocols “for Sox compliance”, but I’ve never been privy to an audit so have no idea if they’re effective.
As a DevSecOps professional, I may have opportunities to make compliance easier or more effective, if I knew how they worked or had any feedback
Edit: I love the idea of ComplianceAsCode mentioned here, and hadn’t read of it before but it looks all about infrastructure while I’m all about product builds