The Microsoft SQL Server Customer Advisory Team (SQLCAT) have published a compliance guide for SQL Server 2008.

The guide covers:

  • Understanding Compliance
  • Implementing IT Controls with SQL Server 2008
  • Securing the Platform
  • Controlling Identity and Separation of Duties
  • Separation of Duties
  • Encrypting Database Data
  • Auditing Sensitive Operations
  • Using Policy-Based Management to Define, Deploy, and Validate Policy

It does also include scripts.

http://sqlcat.com/whitepapers/archive/2008/11/15/reaching-compliance-sql-server-2008-compliance-guide.aspx