Eric Siebert at Virtual Strategy Magazine has a nice write up titled Top 10 things you MUST read about virtualization and compliance
There are numerous compliance regulations that companies must follow these days including SOX, PCI and HIPPA. Trying to meet these compliance regulations is never easy and virtualization adds even more complexity on to an already challenging task. Further complicating the task is the fact that virtualization seems to be a grey area in many compliance specifications with very little detail on how to secure your virtual hosts. The items on this list include presentations from VMworld, webcasts from security vendors and white papers that will aid you in your quest to achieve compliance in your virtual environment.
Yet again, a must read, and on something none of us can do without understanding.