See below marc email part >> Aditya Deshmukh [EMAIL PROTECTED] wrote: >> >>If you read the last line in para 6 you will find that anon >> mailbox is >> a requirement for SOX compliance. >> >> >And mailbox was ment for email Michael :) >> >> >But I think that "with a post and some concrete" mailbox >> will be Indeed >> be far more secure.....
> From: Madison, Marc [mailto:[EMAIL PROTECTED] > IANAL, But IMO use an Intranet web page that allows employees > to submit > anonymous html post to the web server via html. Now if your security > policy is pervasive then surely auditing is enabled on all > your systems, > thus removing any anonymity this would have provided. Have you > considered, dare I say, outsourcing? I only say this since > part of the > requirement calls for the company to provide sufficient anonymity to > individuals reporting issues. By the way the SOX whistleblowers > requirements have already been challenged in court so there might be > precedence on what is sufficient. You must be a mind reader - you just read my mind. And google search shows Some email providers giving out this service for about US$ 89.99. Maybe that is the best solution after all... You don't break your security policy and the auditors are also happy. ________________________________________________________________________ Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
