• Status: Solved

Regulations for my organization

I have been at this job now for about a year. It's been a very crazy year. The guy before me left the network a mess. It was common for DNS, the phone systems and other things to go down on a weekly basis. After getting the network stable and finally just rebuilding and upgrading the whole thing to Windows 2003 and upgrading all the desktops to XP, I am now wondering what my 501c nonprofit organization that provides loans (so I'm guessing we're a financial institution) would fall under. I would like to know so that I can begin to work towards making sure we are following all regulations for our industry. Where can I find information about this or where can I go to find out what we should be following?
1 Solution
daviddvg1 (Author) Commented:
Thanks. I know my accounting department is following this, but I've heard one of the VPs say that since we're 501c we don't need to. What must I do from an IT Dept point of view? Should I be archiving all email? Should my servers be in lock down 24/7? I have a door w/ a lock on it to the servers, but no one knows where the keys may be.

As a good practice from a security standpoint, I would recommend reviewing the SOX and other applicable regulations as they will help protect the organization from harm. Most of these are guides to assist with best practice methods.

I would suggest that you contact SOX or someone outside of the organization and verify if they agree that you do or do not fall under this regulation because the organization is a 501c and that you do not have to follow the SOX regulations. I would actually be somewhat surprised that you would not have to follow them because you are handling financial information.

In order to best protect the IT Staff, I would also suggest besides the SOX, review the NIST guidelines to help better protect your systems and ultimately yourselves.


If one were to follow the baseline for best router configuration practice, firewall, server, etc., this can only better prepare an organization for attacks in the future. I have worked with one 501c and secured their network. I believe because they were a 501 organization that is why we saw a high volume of illegitimate traffic.