You cannot download the company financial information in a manner that it can be manipulated outside of a software package like JDE Edwards. This means excel spreadsheets and the like.

This does not include non-corporate-financial information. You can down load customer information to customer service, loan data to secondary marketing (banking) and the like. I'm not sure if collections information is restricted, but I've never heard that it is.

The downside is, that we as IT professionals can now be held financially responsible for the companies financials just like the executives and directors of the company.

I worked extensively with Harley Davidson on the SOX compliance.

The truth is though, i have yet to hear of a single company getting in trouble due to not being compliant.

I hope I've clarified my comments.

Sent from my iPhone

On Feb 25, 2013, at 11:33 AM, rob@xxxxxxxxx wrote:

Really? "All"?
<snip>
This means eliminating all download of financial data from the iseries.
</snip>

I doubt it. I suppose sending ASN's to your customers could be considered
a download. Any ETL package would be considered a download. Heck, a
printout could be considered a download.
I really think it's more intended that the data be controlled.

I can download my transactions from my bank to my PC. I take it that
makes my bank out of compliance with SOX?




Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1
Group Dekko
Dept 1600
Mail to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com





From: RBD <brentdunn007@xxxxxxxxxxx>
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>,
Date: 02/25/2013 11:37 AM
Subject: Re: SOX compliance
Sent by: midrange-l-bounces@xxxxxxxxxxxx



Sox also includes limiting access to financial data. This means
eliminating all download of financial data from the iseries.

It can mean legal responsibility for company finances.

Sox does not apply to wholely own companies. Only corporations.

On Feb 25, 2013, at 10:03 AM, Rich Loeber <rich@xxxxxxxxx> wrote:

Joel,

SOX is all about getting executives to be responsible for the numbers
that
they are reporting. If you read the entire SOX act of 2002, you will
not
find the word "computer" anywhere in the document. However, reading
between the line, there are three sections of the SOX Act that apply,
specifically sections 302, 404 and 409. Find a copy of the act and
focus
on these three.

Here's a link to the details: [1]
http://www.sec.gov/about/laws/soa2002.pdf

Rich Loeber - @richloeber
Kisco Information Systems
[2]http://www.kisco.com


--------------------------------------------------------------------------

On 2/25/2013 10:43 AM, Stone, Joel wrote:

Does anyone have a summary of how SOX compliance should or could affect
a typical Iseries shop?

From an IT auditing standpoint?

For example, outside auditors recommend all sorts of steps and often
reference SOX compliance. How detailed does SOX get regarding this such
as:


- IT issues in general

- Separation of PROD and TEST environments (or even hardware)

- User ids; using IBM user-ids, control of job schedulers, etc

I thought SOX was more of a financial and top management responsibility
and accountability act. How far down the IT control structure of a
typical company does SOX reach?

Thanks!



______________________________________________________________________
This outbound email has been scanned for all viruses by the MessageLabs
Skyscan service.
For more information please visit [3]http://www.symanteccloud.com
______________________________________________________________________

References

Visible links
1. http://www.sec.gov/about/laws/soa2002.pdf
2. http://www.kisco.com/
3. http://www.symanteccloud.com/
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.