SOX is all about getting executives to be responsible for the numbers
they are reporting. If you read the entire SOX act of 2002, you will
find the word "computer" anywhere in the document. However, reading
between the line, there are three sections of the SOX Act that apply,
specifically sections 302, 404 and 409. Find a copy of the act and
on these three.
Here's a link to the details: 
Rich Loeber - @richloeber
Kisco Information Systems
On 2/25/2013 10:43 AM, Stone, Joel wrote:
Does anyone have a summary of how SOX compliance should or could affect a
typical Iseries shop?
>From an IT auditing standpoint?
For example, outside auditors recommend all sorts of steps and often
reference SOX compliance. How detailed does SOX get regarding this such as:
- IT issues in general
- Separation of PROD and TEST environments (or even hardware)
- User ids; using IBM user-ids, control of job schedulers, etc
I thought SOX was more of a financial and top management responsibility
and accountability act. How far down the IT control structure of a typical
company does SOX reach?
This outbound email has been scanned for all viruses by the MessageLabs
For more information please visit http://www.symanteccloud.com
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
This mailing list archive is Copyright 1997-2013 by MIDRANGE dot COM and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available here. If you have questions about this, please contact