E9 SOX Compliance?

Hi All,
I work for a medical device manufacturer that has recently been acquired by a publicly traded company. We plan to limp along on E9 until we can finalize our SAP migration, but our auditors aren’t impressed with level of change management logging that E9 provides.

Has anyone been able to make E9 work in a similar circumstance? I’d appreciate any advice.

There are Change Logs and security. It might be “enough” in E9, but not robust.

First, congrats on the acquisition. I once worked for a public company that used a BPM in E9 on what they viewed as the key BO’s (customizations, bpm’s and data directives) that required an IT ticket number and a manger password in order to update or save. We then used the IT ticket system to actually show all of the requirements, testing and approval from the end user. It’s definitely not ideal but it might help until you guys can roll out SAP. Good luck!

Thank you both for your replies!

The problem we’re faced with is that there’s no comprehensive audit utility that tracks all the ways Epicor can be customized. It seems to all boil down to the honor system which isn’t acceptable to our auditors.

We have no plans to uprade to E10, but are there more robust auditing features there?