SOX = Sarbanes Oxley which is a law passed by the U.S. congress after the Enron debacle which created morass of rules for publicly traded U. S. companies to try to bring more accountability in management for what goes on in their companies. Basically it requires more auditable documentation and approval for business processes.
Tim Hager
Controller
Diba Industries Inc.
tim.hager@... <mailto:tim.hager@...>
From: vantage@yahoogroups.com [mailto:vantage@yahoogroups.com] On Behalf Of Chris Thompson
Sent: Monday, May 21, 2012 5:40 AM
To: vantage@yahoogroups.com
Subject: Re: [Vantage] Vantage and SOX Compliance for Change Management
Hi All
What is SOX compliant?
Thanks.
________________________________
From: Chris Robisch <bluewine@... <mailto:bluewine%40cox.net> >
To: vantage@yahoogroups.com <mailto:vantage%40yahoogroups.com> ; VANTAGE@... <mailto:VANTAGE%40LIST.EPICORUSERS.ORG>
Sent: Friday, 18 May 2012, 17:42
Subject: Re: [Vantage] Vantage and SOX Compliance for Change Management
We have directories as below, Live/Save/Test under each one. A daily program checks the file/date on each Live directory and spits out an exception if the file isn't linked to a Call. Each Call, in an SQL app outside of Epicor, is generated by a user, approved by their manager and data owner and tested by the user. When approved by the user, it's released to Live where the program is put into the Live directory. Or in the case of customizations inside Epicor, exported to the approriate directory. Processes are BPM's etc. Programs are OpenEdge .r's. Queries include Dashboards.
Both Pilot/Test use the Test directories and aren't tracked. Save is for previous versions and Epicor one-off's. And our auditors check every Call for the proper approvals and such.
Processes
Live
Save
Test
Programs
Queries
Screens
...Reports\Custom...
Tim Hager
Controller
Diba Industries Inc.
tim.hager@... <mailto:tim.hager@...>
From: vantage@yahoogroups.com [mailto:vantage@yahoogroups.com] On Behalf Of Chris Thompson
Sent: Monday, May 21, 2012 5:40 AM
To: vantage@yahoogroups.com
Subject: Re: [Vantage] Vantage and SOX Compliance for Change Management
Hi All
What is SOX compliant?
Thanks.
________________________________
From: Chris Robisch <bluewine@... <mailto:bluewine%40cox.net> >
To: vantage@yahoogroups.com <mailto:vantage%40yahoogroups.com> ; VANTAGE@... <mailto:VANTAGE%40LIST.EPICORUSERS.ORG>
Sent: Friday, 18 May 2012, 17:42
Subject: Re: [Vantage] Vantage and SOX Compliance for Change Management
We have directories as below, Live/Save/Test under each one. A daily program checks the file/date on each Live directory and spits out an exception if the file isn't linked to a Call. Each Call, in an SQL app outside of Epicor, is generated by a user, approved by their manager and data owner and tested by the user. When approved by the user, it's released to Live where the program is put into the Live directory. Or in the case of customizations inside Epicor, exported to the approriate directory. Processes are BPM's etc. Programs are OpenEdge .r's. Queries include Dashboards.
Both Pilot/Test use the Test directories and aren't tracked. Save is for previous versions and Epicor one-off's. And our auditors check every Call for the proper approvals and such.
Processes
Live
Save
Test
Programs
Queries
Screens
...Reports\Custom...
----- Original Message -----
From: "Marsch, Chris" <cmarsch@... <mailto:cmarsch%40mdaturbines.com> >
To: <vantage@yahoogroups.com <mailto:vantage%40yahoogroups.com> >; <VANTAGE@... <mailto:VANTAGE%40LIST.EPICORUSERS.ORG> >
Sent: Friday, May 18, 2012 9:00 AM
Subject: [Vantage] Vantage and SOX Compliance for Change Management
> For those of you on Vantage, what are you doing in terms of tracking customizations and changes in your system and having documentation in the system for these changes to be SOX compliant?
>
> Christopher W. Marsch
> IT/Database Administrator
> Mechanical Dynamics & Analysis, Ltd.
> 19E British American Blvd.
> Latham, NY 12110
> (518) 399-3616 x272
> Cell: (518) 795-0200
[Non-text portions of this message have been removed]
[Non-text portions of this message have been removed]
********************************************************
The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential and/or privileged
material. If you are not the addressee, any disclosure, reproduction,
copying, distribution, or other dissemination or use of this communication is
strictly prohibited. If you have received this transmission in
error please notify the sender immediately and then delete this e-mail.
E-mail transmission cannot be guaranteed to be secure or error free as
information could be intercepted, corrupted lost, destroyed, arrive late or
incomplete, or contain viruses.
The sender therefore does not accept liability for any errors or omissions
in the contents of this message which arise as a result of e-mail
transmission. If verification is required please request a hard copy
version.
********************************************************
[Non-text portions of this message have been removed]