Greg, 
  We had many areas. like 17 but some of those had several underneath.
  Backups,
    Offsite
    Computer room access
    Modems attached to 400
   
  System values
  Job scheduler changes / documentation for adds / updates /deletes
  Job scheduler review if jobs failed during process 
  Resolution log of these errors
  All kinds of user profiles audit. 
     users with ALLOBJ / SECADM SECOFR authority
     users with default passwords
     Generic user ids
     3rd party package userid 
    command line access / 400 and mapics
    privileged acct users
  What mapics jobs user can run. (Like user that create P/O's can't do 
receiving.)
  lock down commands like wrkjobscde, upddta, pwrdwnsys etc
  lock down libraries so programmers can only access production env with read 
authority
  New user being added - documents and approvals
  documentation of deleted users
  Change Mgmt - documentation of production env changes / program / data / new 
development testing etc.
      Periodic review of controls. bi-weekly, monthly, semi - annual.
  Think that covers it. 
  This is high level...

Greg Wenzloff <GWenzloff@xxxxxxxxxxx> wrote:
  Thanks Ann and Pete!

Pete - I would like to know about your SOX audit. I'm getting ready
for my audit and there are way too many ways to get in hot water.
Perhaps you could post on what they tested you on. There are probably
others on this list in the same boat.

Thanks,
Greg



_______________________________________________
This is the MAPICS ERP System Discussion (MAPICS-L) mailing list
To post a message email: MAPICS-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/mapics-l
or email: MAPICS-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/mapics-l.

  


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2022 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.