Does anyone have a summary of how SOX compliance should or could affect a typical Iseries shop?

From an IT auditing standpoint?

For example, outside auditors recommend all sorts of steps and often reference SOX compliance. How detailed does SOX get regarding this such as:

- IT issues in general

- Separation of PROD and TEST environments (or even hardware)

- User ids; using IBM user-ids, control of job schedulers, etc

I thought SOX was more of a financial and top management responsibility and accountability act. How far down the IT control structure of a typical company does SOX reach?


This outbound email has been scanned for all viruses by the MessageLabs Skyscan service.
For more information please visit

Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2015 by MIDRANGE dot COM and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available here. If you have questions about this, please contact