WebProWorld IT Forum

Display settings all messed up
Yes, I use windows. XP Pro version. OK.....that said, after reading a lot of postings on these forums I decided that maybe I should indeed try to use the 1024&768 resolution that my monitor wants, and the 3d thing prefers also.
Click to read more...

Blocking websites without a server
I've been working at a high school and we're dealing with a problem. Our students are spending important time playing online games and using AIM through the web.
Click to read more...

Instant Messenger as Communication?
There is an ongoing debate in our office about the use of Instant Messenger as a form of legitimate, useful, appropriate, and professional communication. In the last week, I've been contacted by two potential affiliates who wished to communicate via IM.
Click to read more...



Recent Articles

Snide Remarks About Microsoft Anti-Spyware Foray
Microsoft's recent entry into the anti-spyware business has sparked a number of interesting (and often sarcastic) responses by the media, competitors and others.

Potential Flaws Identified For Mozilla, Firefox
Mozilla, direct challenger to Microsoft's Internet Explorer browser, is experiencing something familiar to IE: potential security vulnerabilities.

eBay Turns In Its Passport
In a humiliating turn of events for Microsoft, eBay announced that it has dumped the Microsoft Passport user authentication system.

Microsoft Great Plains Consultant Selection overview for IT Director
Microsoft Great Plains is main Microsoft Business Solutions accounting package for the US market. If you are mid-size of small company, or cost control is really an issue for you...

Just Think About It
Managers, as a group, tend to be action-oriented. We measure ourselves, our importance and our effectiveness in part by the level of activity around us. The louder the hum of machinery, the faster the shuffle of feet in the corridor and the larger the proportion of time we spend in meetings, the better things must be.

Santy worm Targets AOL Yahoo
Variants of the Santy worm have begun to spread on the Internet using Google, AOL, Yahoo and other search engines.

Microsoft Issues Work Order for Project Group Services
Microsoft Consulting Services has issued a work order for $704,000 in Project Group services starting Jan. 1, 2005.

Cisco to Open R&D Center in Tokyo
Cisco Systems announced its intent to open research and development center in Tokyo, Japan.

Microsoft Business Solutions Partner Consulting in the Time of Post-Recession
We are a group of Chicago and Houston based Microsoft Business Solutions Great Plains, Microsoft CRM, RMS and Navision consultants who saw the economic boom at the end of 20th century and then deep recession, which hit high tech and telecommunication sectors with extreme severity.

01.11.05


Sarbanes-Oxley And The Benefits Of Application/server Consolidation

By Bruno Loubiere

So, you are now or will soon be SOX-compliant: what's next? Congratulations, you are on your way to or you just completed your 404!!! Internal auditors, Business, IT, everyone is breathing better and everyone should definitely be proud of it!

So, what's next?

You probably hate this, but it's now time to think about next quarter's 302... Indeed, SOX is here to stay and it is time to include SOX in the 'normal' functioning mode of your company and IT Department. Until now, you have put projects on hold to reallocate resources (Business and IT) to the various domains of SOX testing and remediation. Or you have hired high-dollar contractors to help you get the job done. In any case, this is not a sustainable model. And you are still facing quarterly repeats...

Ongoing, What will be the impact, the cost and how can you make SOX a part of your organization?

By now you know that the software-based answers to SOX will hardly help you: this software will not improve your Business processes, your next-level management reviews and sign-offs, the accuracy of your transactions among systems, your Release Management processes. Nor will it help to ensure that your Development and Support groups do not have update/delete access to your beta test and production systems, etc.

What were the main factors influencing the volume and pain of your SOX action?

Very likely, two key factors were very likely:

(1) the number of applications

(2) the lack of standardized processes around these applications

You are so ready for applications consolidation!

One ERP-style, consolidated application ultimately means:

  • 1 security solution allowing greater return on investment for an automated solution

    From a SOX standpoint, you may not be interested in a 'journalisation' type of security tracking (= who changed which data when and how?) such as the Oracle Fine Grained Auditing support. However chance is that you need a system that helps you to easily track data such as:

    - who can do what?

    - who has responsibilities representing segregation of duties conflicts?

    - who are your gatekeepers?

    - send them early reminders for regular reviews

    - audit their actions in adding/removing accesses to the system

    - generate workflow-based emails to get next-level approvals

    - generate an audit trail of these regular or ad-hoc reviews for your SOX auditors' review

    - etc...

  • 1 set of secure processes and clear accountability Among the benefits of consolidating (whatever the level of consolidation) is the opportunity to develop best-of-breed tools and processes related to code management, release management, service support, etc.

    Deploying such tools also very positively impacts your SOX Testing activities as they relate to these domains:

    - only tested and signed off code goes to production

    - keep and audit trail of the required sign-offs

    - ensure that developers are not testers and code promoters (segregation of duties)

    - are your servers all in a safe data center?

    - etc.

  • leveraging across modules within the ERP for SOX documentation A consolidated environment, primarily centered around an ERP system, will help reduce the volume of investigation and documentation to be put together for SOX testing:

    - How many architecture diagrams did you have to produce?

    - How many vulnerability matrices?

    - How many tables for roles, responsibilities and application functions

    - How much time between producing a version of this document and its being outdated?

    Bottom line

  • SOX is an opportunity to re-think IT strategies around consolidation which in turn will ease integrating SOX in your organization generating less disruptive activities.

  • SOX will not give you a competitive advantage, SOX is a continuous "must do": while minimizing its impact, benefit from it to take your IS to the next level!!!

    About the Author:
    Bruno Loubiere is a seasoned IT Professional. Currently responsible for the Sarbanes-Oxley Compliance of the ERP application for a large computer manufacturer, his main area of expertise is project management of large, complex projects, ERP deployment, upgrades and consolidation, locally or globally. He can be contacted at b.loubiere@comcast.net

  • About ITManagementNews
    ITmanagementNews answers questions for IT managers. Our experts offer real-world advise and cutting edge technology for the enterprise. ITmanagementNews is focused on Delivering IT Solutions

    ITManagementNews is brought to you by:

    SecurityConfig.com NetworkingFiles.com
    NetworkNewz.com WebProASP.com
    DatabaseProNews.com SQLProNews.com
    ITcertificationNews.com SysAdminNews.com
    LinuxProNews.com WirelessProNews.com
    CProgrammingTrends.com DevWebPro.com

    -- ITManagementNews is an iEntry, Inc. publication --
    iEntry, Inc. 880 Corporate Drive, Lexington, KY 40503
    2005 iEntry, Inc. All Rights Reserved Privacy Policy Legal

    archives | advertising info | news headlines | free newsletters | comments/feedback | submit article






    Delivering IT Solutions ITManagementNews News Archives About Us Feedback ITManagementNews Home Page About Article Archive News Downloads WebProWorld Forums Jayde iEntry Advertise Contact