Probably only a matter of time before we get something similar on this
side of the pond.

I expect Tony B and co are rubbing their hands with glee at the amount
of new pen-pusher jobs they could create to administer it.



-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Brian Leach
Sent: 17 September 2004 09:22
To: [EMAIL PROTECTED]
Subject: RE: [U2] [UV] SOX - TCL command logging / auditing

I guess the only sensible means is COMO.

That way you capture the result of the TCL actions as well as the
actions themselves.
But even that is pretty pointless: anyone with a manual and TCL access
can write a simple program or even PROC (shudder) to amend data and then
remove it so you can't see what was done.

And at what point does that cease to be part of 'the application'? A
lot of 'applications' I know of can be pretty fluid - if a systems admin
person needs to fix a record from an error condition, is that now an
'unauthorized change'?  Where does a system restore come in - since that
could affect the condition of any data added since the backup was taken -
is that also an 'unauthorized change' in the act?

Bottom line - I think you're on to a loser with this one.

Brian "glad the UK doesn't have the SOX act" Leach.

 

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of John Hester
Sent: 17 September 2004 00:10
To: [EMAIL PROTECTED]
Subject: Re: [U2] [UV] SOX - TCL command logging / auditing

Buss, Troy (Logitek Systems) wrote:
> Does anyone know if there is a built in facility within universe for
> logging TCL commands by account or even globally?  Something similar
> perhaps as the 'errlog' feature.
>
> Of concern by an internal SOX (Sarbanes-Oxley) audit was that it's
> possible for data to be changed outside of the application.
> Specifically, "direct access to data could remain undetected resulting
> in unauthorized changes to financial data, affecting data integrity".

I ended up writing a wrapper for the ED command to keep track of manual
data changes outside of apps.  I just write whatever record's being
edited to a type 19 temp file, run the original ED, write the resulting
record, then compare the result to the original via the unix diff
command.  I end up with log records like this:

 >ED AUDIT.MOD CA_82001211+RDA_13372_49928
17 lines long.

----: P
0001: 1,3c1,3
0002: < 858856
0003: < 806669
0004: < 52187
0005: ---
0006: > 749638
0007: > 705153
0008: > 44485
0009: 9c9
0010: < 7196
0011: ---
0012: > 7255
0013: 28c28
0014: < 250
0015: ---
0016: > 252
0017:

where the ID is file_record+userid_date_time.  Of course if someone
familiar with UV is up to no good, they can just run the original ED
program to make their changes - or write a program to do it.  This is
more of an audit trail to determine what went wrong in the case of an
honest mistake than a safeguard against intentional fraud.

-John
--
John Hester
System & Network Administrator
Momentum Group Inc.
(949) 833-8886 x623
http://memosamples.com
-------
u2-users mailing list
[EMAIL PROTECTED]
To unsubscribe please visit http://listserver.u2ug.org/
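
The snapshot, edit, diff and log sequence described in the message above, as an added Python sketch (not the poster's UniVerse code). The function names, the in-memory `files` and `audit_log` dictionaries, and the reading of the ID's date and time parts as a day count from 31 Dec 1967 and seconds since midnight are assumptions.

```python
import difflib
from datetime import date

PICK_EPOCH = date(1967, 12, 31)  # assumption: day 0 of the date part of the ID

def _span(lo, hi):
    """0-based half-open range -> 1-based 'n' or 'n,m' as unix diff prints it."""
    return str(hi) if hi - lo <= 1 else f"{lo + 1},{hi}"

def normal_diff(old, new):
    """Line diff in the 'NcN' / '<' / '---' / '>' layout of the log excerpt."""
    out = []
    sm = difflib.SequenceMatcher(a=old, b=new, autojunk=False)
    for tag, i1, i2, j1, j2 in sm.get_opcodes():
        if tag == "equal":
            continue
        op = {"replace": "c", "delete": "d", "insert": "a"}[tag]
        out.append(f"{_span(i1, i2)}{op}{_span(j1, j2)}")
        out += [f"< {line}" for line in old[i1:i2]]
        if tag == "replace":
            out.append("---")
        out += [f"> {line}" for line in new[j1:j2]]
    return out

def audited_edit(files, audit_log, file_name, record_id, user, editor, when):
    """Snapshot the record, run the real editor, log the diff if it changed."""
    record = files[file_name][record_id]
    before = list(record)          # copy taken before the edit
    editor(record)                 # stand-in for running the original ED
    diff = normal_diff(before, record)
    if not diff:
        return None                # nothing changed, nothing to log
    days = (when.date() - PICK_EPOCH).days
    secs = when.hour * 3600 + when.minute * 60 + when.second
    log_id = f"{file_name}_{record_id}+{user}_{days}_{secs}"
    audit_log[log_id] = diff       # ID layout: file_record+userid_date_time
    return log_id

# Constructed sample: a 28-field record whose changed fields carry the values
# from the log excerpt; the filler fields are invented.
def sample_record():
    rec = [f"field{n}" for n in range(1, 29)]
    rec[0:3] = ["858856", "806669", "52187"]
    rec[8], rec[27] = "7196", "250"
    return rec

def sample_edit(rec):
    rec[0:3] = ["749638", "705153", "44485"]
    rec[8], rec[27] = "7255", "252"
```

As the message says, a record like this only exists when the edit goes through the wrapper, so it documents honest mistakes rather than preventing deliberate changes.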
