Some day I'll write an editorial on SOX and post it on my site.   

However let it be known that the authors have serious regrets on how
auditing firms have abused the intent of the law.  

I would ensure that your normal DB backups and retention are up to
normal industry standards.  As for journals, I would consider keeping
the system Audit journal for reasonable cycle (3-6 months?), and normal
transaction receivers for maybe 2 business cycles.  Example, you have
some month end processing which reports the months activity.  Retain an
extra month for a back check if the current month doesn't balance when
closed.  

--
Doug Hart 
 

-----Original Message-----
From: security400-bounces@xxxxxxxxxxxx
[mailto:security400-bounces@xxxxxxxxxxxx] On Behalf Of Turnidge, Dave
Sent: Tuesday, August 22, 2006 4:18 PM
To: Security Administration on the AS400 / iSeries
Subject: Re: [Security400] Journal Receiver Retention for SOX...

Actually, Title Insurance... 


************************************
This e-mail and any files transmitted with it are proprietary and intended 
solely
for the use of the individual or entity to whom they are addressed. If you have
received this e-mail in error please notify the sender. Please note that any 
views
or opinions presented in this e-mail are solely those of the author and do not
necessarily represent those of ITT, Inc. The recipient should check
this e-mail and any attachments for the presence of viruses. ITT accepts
no liability for any damage caused by any virus transmitted by this e-mail.
************************************



This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2020 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].