ITIL was around before SOX, and the two barely have anything in common. Where SOX and ITIL overlap is in the approval for changes and monitoring SOX-related assets for unauthorized changes. The only reason there is any overlap is because ITIL gives you guidelines on how to do change management.
I think SOX is worse than ITIL in vagueness. Basically, a company has to define what they think SOX is about and build rules to enforce that. There is no common understanding of SOX, where at least in ITIL you can tell the difference between an incident and a problem. Personally, I'm not opposed to ITIL. I have worked at some places that have bad or non-existent processes for dealing with customers and other I.T. groups. ITIL should be able to benefit those types of companies that need some guidance in improving their processes, but should not be used to beat people down. Shawn Pierson -----Original Message----- From: Action Request System discussion list(ARSList) [mailto:[EMAIL PROTECTED] On Behalf Of Drew Shuller Sent: Wednesday, September 19, 2007 3:48 PM To: arslist@ARSLIST.ORG Subject: Re: OT -- Sort Of: Computerworld reports on ITIL I'm not disagreeing, but wasn't ITIL of an outgrowth of SOX, which was a reaction to ENRON-like behavior? If that's the case then we're not necessarily getting cheaper/better/more revenue but rather a standardized accounting method? Drew ________________________________________________________________________ _______ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are" Private and confidential as detailed <a href="http://www.sug.com/disclaimers/default.htm#Mail">here</a>. If you cannot access hyperlink, please e-mail sender. _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are"