Shawn - thank you. Does this mean we do not need to be concerned about auditing of our Help Desk (Incident Management)? I worked with Pharmaceutical companies that had IT audits. However now I am with a finance securities company, and I want to make sure we are complying with auditing requirements. For example, 100s+ of code changes were made to Remedy production (non-finance) systems, without ticket submission. I work with a Remedy developer who insists upon submitting tickets in Remedy for users throughout the company -- instead of the users using Remedy directly to submit tickets. Because the developer is often busy with other task, several tickets are not logged, and I am concerned that this could potential come back and bite us (the business) one day. In a message dated 6/14/2010 1:53:10 P.M. Eastern Daylight Time, [email protected] writes:
Sent: Monday, June 14, 2010 12:38 PM To: [email protected] Subject: OT: SOX and Audits of ITSM ** Hi, Under what conditions can your ITSM system be audited? Does anyone have any compliance documentation that provides steps on auditing guidelines we should comply with for ITSM? _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug10 www.wwrug.com ARSlist: "Where the Answers Are"
