Auditor Bob
Member
Hello all!
I've recently moved into a new role at my company and your assistance would be greatly appreciated, as it will help me make a great first impression on my new supervisor.
The company I am working for runs JDE and I have been tasked with auditing segregation of duties as it relates to change management. Specifically, I need to request, obtain, and review the proper evidence to prove that no users with access to perform development (make a change) can also move changes into the production environment.
Can you all please help me out by letting me know what pieces of documentation I should request, and then what I am specifically looking for?
I have an audit program that indicates that individuals with the System Administrator role can perform all functions and, thus, are in violation of SoD conflicts, but I don't understand how based on the documentation. This is for SOx, by the way, if that matters.
I've recently moved into a new role at my company and your assistance would be greatly appreciated, as it will help me make a great first impression on my new supervisor.
The company I am working for runs JDE and I have been tasked with auditing segregation of duties as it relates to change management. Specifically, I need to request, obtain, and review the proper evidence to prove that no users with access to perform development (make a change) can also move changes into the production environment.
Can you all please help me out by letting me know what pieces of documentation I should request, and then what I am specifically looking for?
I have an audit program that indicates that individuals with the System Administrator role can perform all functions and, thus, are in violation of SoD conflicts, but I don't understand how based on the documentation. This is for SOx, by the way, if that matters.