JDPower
Member
With this act going in effect, what will be the OneWorld Users face as far as keeping multiple versions of development. Packages? Save Locations? Has anyone faced this as a requirement yet?
peterban
Reputable Poster
Hi JDPower
what is this act ?
Peter
what is this act ?
Peter
Alex_Pastuhov
Legendary Poster
What makes you think that it would impose such a requirement? - I wonder if this Act would indeed have such an effect, because one of the software tools that I sell (namely, Boomerang) would fit perfectly as a solution for any such requirement...
Regards,
Alex.
Regards,
Alex.
altquark
Legendary Poster
I really cannot see in the Sarbanes Oxley act a section that specifically points to the requirement of a save development environment.
However, the "archiving" and "backup" sections of the act can easily be answered optionally through a save pathcode - but specifically through good backup solutions - which is imperative for any implementation.
A lot of people are running around worried about the act in my opinion - which is understandable - but unfortunately JD Edwards has turned a deaf ear as far as the technical requirements behind the act - or at least, haven't provided any direction regarding the requirements. Of course if there is such a document, please have a link posted here !
On a side-note for those wihing to understand further - I have the sarbanes oxley acts on my website.
However, the "archiving" and "backup" sections of the act can easily be answered optionally through a save pathcode - but specifically through good backup solutions - which is imperative for any implementation.
A lot of people are running around worried about the act in my opinion - which is understandable - but unfortunately JD Edwards has turned a deaf ear as far as the technical requirements behind the act - or at least, haven't provided any direction regarding the requirements. Of course if there is such a document, please have a link posted here !
On a side-note for those wihing to understand further - I have the sarbanes oxley acts on my website.
JDPower
Member
The act is being enacted by SEC for public companies. The details depend on how you read them but my main concern was around the limited details from JDE on this. I see that some other readers concur. I wanted to see if anyone else was in the same situation.
JDPower
Member
I had seen some earlier communcations around Boomerang and another product called ViceVersa. I do not want to start another advertising war here, so if you can reply without trying to sell Boomerang to me how your product will do automated archiving of JDE objects for change management.
npde500
Member
There is an overview of SARBOX and Corporate governance in general at: http://www.theiia.org/itaudit/index.cfm?fuseaction=forum&fid=498 There is also a PowerPoint presentation on QuestDirect, named wn8910.ppt in the education libary. Also check out the PeopleSoft webcast deck at: http://www.bfmag.com/webcasts/6-05-03/slides.pdf (PeopleSoft face the same SARBOX challenges as JDE).
I believe most companies are leveraging COBIT/COSO to track risks and controls. PWC recently surveyed companies attitude and plans for SARBOX, it can be found at: http://www.barometersurveys.com/pro...lNewsByDocID/D63C106CE958FCBB85256D550072B841
It would be very helpful if JDE provided some recommendations, guidlines, checklists, COSO risk/control matrices that CNC, application, control and audit teams could work against but I haven't seen anything to date.
In my personal opinion I think most of the SARBOX requirements can be met by building sound operational and technical processes in and around JDE. In theory this could include improving backup processes for DEV and other environments.
Hopefully your company will have someone (or a team) on point for SARBOX compliance and reporting, if your company uses external auditors that person (or team) may be able direct specific questions to them.
Regards, Nick (An IT Auditor - Xe & ERP8 )
I believe most companies are leveraging COBIT/COSO to track risks and controls. PWC recently surveyed companies attitude and plans for SARBOX, it can be found at: http://www.barometersurveys.com/pro...lNewsByDocID/D63C106CE958FCBB85256D550072B841
It would be very helpful if JDE provided some recommendations, guidlines, checklists, COSO risk/control matrices that CNC, application, control and audit teams could work against but I haven't seen anything to date.
In my personal opinion I think most of the SARBOX requirements can be met by building sound operational and technical processes in and around JDE. In theory this could include improving backup processes for DEV and other environments.
Hopefully your company will have someone (or a team) on point for SARBOX compliance and reporting, if your company uses external auditors that person (or team) may be able direct specific questions to them.
Regards, Nick (An IT Auditor - Xe & ERP8 )
