Results 1 to 4 of 4

Thread: SOX audits - seeking answers

  1. #1
    Member
    Join Date
    Apr 2002
    Location
    CA, USA
    Posts
    138

    SOX audits - seeking answers

    Hello All,

    We are now going through SOX compliance requirements. Can anyone provide any feedback as to what software you are using that helps you prepare when the auditors request info.

    So far, the questions have been JDE IDs, user roles, and application security related.

    We are on JDE 9.0 update 1. Tools 9.1.5.7 on Windows/SQL platform.

    thank you

  2. #2
    Member
    Join Date
    Apr 2003
    Location
    Ohio, USA
    Posts
    405
    Hi,

    My company uses a product from ALLOUT Security.

    If you want to take a stab at writing your own security report, I've attached notes from a project I did back in 2004 when SOX was brand new.
    Attached Files Attached Files
    Ellen Deak
    Sr. Software Developer
    Dealer Tire
    EnterpriseOne (E920), Tools 9.2.2.4, IBM DB2 V7.2, Create!form 8

  3. #3
    Member Tom_Davidson's Avatar
    Join Date
    Nov 2000
    Location
    Wisconsin, USA
    Posts
    759
    We are doing this now, I use SQL, and our auditors are OK with that. They also ask for some specific reports also, but those I just run.

    What is perturbing is the timestamp isn't enough, they want print screens including the windows time. <sigh>

    Tom
    Cleindori Consulting
    8.12/8.98.4.14, 9.1/9.1.5.3, 9.2/9.2.0.5/6
    IBM i, WebLogic on Windows, DBCS, Global installations.

  4. #4
    Member BPConnor's Avatar
    Join Date
    Jul 2002
    Location
    Thornton, CO
    Posts
    58
    having a software package to perform the SoD analysis will speed things up quite a bit, but before you can analyze, you need to understand what access you are analyzing. The business needs to determine, within the sox guidelines, what they care about in particular and then you have to determine what JDE objects affect the things they care about.
    JDE E1 Xe to 9.0 installation, configuration, and upgrades.
    GSI Security Practice Lead http://www.getgsi.com/
    Highly Experienced with all facets of JDE security, specializing in the implementation and support of All Out Security.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
The legal restrictions and terms of use applicable to this site are available here.
Use of this site signifies your agreement to the terms of use.
JDELIST is NOT affiliated with JD Edwards® & Company, Oracle or Peoplesoft. Contents of this site are neither endorsed nor approved by JD Edwards® & Company and, or Oracle.