To comply with government and industry regulations, such as Sarbanes-Oxley, Gramm Leach Bliley (GLBA), and COBIT (which can be considered a best-practices framework), organizations must constantly detect, validate, and report unauthorized changes and out-of-compliance actions within the Information Technology (IT) infrastructure. Using the IBM® Tivoli Security Information and Event Manager solution organizations can improve the security of their information systems by capturing comprehensive log data, correlating this data through sophisticated log interpretation and normalization, and communicating results through a dashboard and full set of audit and compliance reporting.

In this IBM Redbooks® publication, we discuss the business context of security audit and compliance software for organizations and describe the logical and physical components of IBM Tivoli Security Information and Event Manager. We also present a typical deployment within a business scenario.

This book is a valuable resource for security officers, administrators, and architects who want to understand and implement a centralized security audit and compliance solution.

Part 1. Architecture and design

Chapter 1. Business context for IT security compliance management

Chapter 2. Designing an IT security compliance management solution

Chapter 3. Introducing the IBM Security Information and Event Management solution

Chapter 4. IBM Tivoli Security Information and Event Manager component structure

Chapter 5. Compliance management solution design

Part 2. Customer environment

Chapter 6. Introducing X-Y-Z Financial Accounting

Chapter 7. Compliance management design

Chapter 8. Basic auditing

Chapter 9. Extending auditing to other supported platforms

Chapter 10. Customized and regulatory reporting

Chapter 11. System z integration

Chapter 12. Custom event source integration

Appendix A. Corporate policy and standards

Appendix B. Additional material