SOX audits - seeking answers

cncjay

Well Known Member
Hello All,

We are now going through SOX compliance requirements. Can anyone provide any feedback as to what software you are using that helps you prepare when the auditors request info.

So far, the questions have been JDE IDs, user roles, and application security related.

We are on JDE 9.0 update 1. Tools 9.1.5.7 on Windows/SQL platform.

thank you
 
Hi,

My company uses a product from ALLOUT Security.

If you want to take a stab at writing your own security report, I've attached notes from a project I did back in 2004 when SOX was brand new.
 

Attachments

  • Security Report User-Role-Tasks v4.zip
    54.8 KB · Views: 65
We are doing this now, I use SQL, and our auditors are OK with that. They also ask for some specific reports also, but those I just run.

What is perturbing is the timestamp isn't enough, they want print screens including the windows time. <sigh>

Tom
 
having a software package to perform the SoD analysis will speed things up quite a bit, but before you can analyze, you need to understand what access you are analyzing. The business needs to determine, within the sox guidelines, what they care about in particular and then you have to determine what JDE objects affect the things they care about.
 
Back
Top