I would say this is bogus.  SOX does not go into an specific details.
Your auditors are calling the shots.  My guess is that SOX never
addresses Journals at all, as many OS'es or platforms don't have this
function.

Disclaimer:
You don't name your industry so I'm assuming your just a widget
manufacturer. 

--
Doug Hart 
 

-----Original Message-----
From: security400-bounces@xxxxxxxxxxxx
[mailto:security400-bounces@xxxxxxxxxxxx] On Behalf Of Turnidge, Dave
Sent: Tuesday, August 22, 2006 3:32 PM
To: security400@xxxxxxxxxxxx
Subject: [Security400] Journal Receiver Retention for SOX...

Per the current understanding of requirements put forward by auditors,
we need to analyze changes and actions that are made/taken by users
outside of the actual production applications. That is, changes made by
command from the command line, etc. We then need to retain this data
(journal receivers) for SEVEN years.
 
There are a couple of issues that I would like to have your thoughts on:
 
1) I got bit last week after having set up an "automatic" analysis,
because one of the Journal files became MASSIVE. One of the steps in my
"automatic" methodology is to dump journal receivers to a data file so I
can run those records against an SQL statement to report on those items
that are out of the range that has been set up. What happened was that
disk filled up. 
 
Is there a way to determine that you are about to do something stupid -
like run out of disk - so you can stop it?
 
2) As a part of my retention routine, I have a tape that just sits in
our development system, and I continue adding save files containing
receivers from all our systems. This is not exactly ... safe ... because
if something happened that destroyed that tape, we wouldn't have backup.
I suppose we could back up just a weeks worth of information, but by the
time we got to SEVEN years, we would probably own the storage company...
 
So, how can I backup what will be massive amounts of data, over a LONG
period of time, and still have the data safe?
 
TIA for any input,

Dave
612-371-1163 

 
_______________________________________________
This is the Security Administration on the AS400 / iSeries (Security400)
mailing list To post a message email: Security400@xxxxxxxxxxxx To
subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/security400
or email: Security400-request@xxxxxxxxxxxx Before posting, please take a
moment to review the archives at
http://archive.midrange.com/security400.


************************************
This e-mail and any files transmitted with it are proprietary and intended 
solely
for the use of the individual or entity to whom they are addressed. If you have
received this e-mail in error please notify the sender. Please note that any 
views
or opinions presented in this e-mail are solely those of the author and do not
necessarily represent those of ITT, Inc. The recipient should check
this e-mail and any attachments for the presence of viruses. ITT accepts
no liability for any damage caused by any virus transmitted by this e-mail.
************************************



This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2020 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].