[From Search SQL Server]
My company needs to meet Sarbanes-Oxley compliance for all its Information Technology (IT) department layers and products, including SQL Server. We’re running SQL Server 2000 and SQL Server 2005 with no security standards. What is the process for meeting SOX compliance? What else should I do in order to secure my SQL Server environment and prepare for security audits? Where should I start looking?
The article continues at
http://searchsqlserver.techtarget.com/tip/0,289483,sid87_gci1312646,00.html