Bert,
Sarbanes-Oxley requires a 'default deny' approach to security. If a user needs access to a function ro table, they must go through an approval process (access approved by the controller or CFO). he easiest method is to use *PUBLIC with action code set to *ALL 'N N N N' for Inquiry, Add, Change, Delete and then grant back access as approved. This increases your security work but locks users out of inquiry and entry screens. You will also need to remove command line access.
You can use groups for initial user security then grant back additional access as approved for specific users. You may also need to restrict access to specific BU's depending on your operation.
brsterna <
[email protected]> wrote:
I have been asked by our CIO to begin a project to evaluate ourJDE system for Sarbanes-Oxley to review controls and procedures. Has anyone else out there done this or in the process of doing it. Has JD Edwards providing any assistance for customers with this issue?
Bert Sternal
World A73, cum 12
--------------------------
To view this thread, go to:
http://www.jdelist.com/ubb/showthreaded.php?Cat=&Board=Apps&Number=63344
This is the JDELIST Applications Mailing List. To stop receiving these messages, login to
http://www.jdelist.com/forums, click Control Panel, then click Edit by "Subscribe / Unsubscribe from receiving board posts by email, change message notifications, etc." and adjust your subscription preferences. JDEList is not affiliated with JDEdwards®
---------------------------------
Do you Yahoo!?
Exclusive Video Premiere - Britney Spears
World, OW B733X and Xe