And gee... Would it have been financial fraud when as a QA manager at a retail banking operation I discovered a bug where if you performed a transaction i.e. withdrawal, and then did not respond in the required time it timed out the transaction even though it had already spit out your money yet never posted it against your account?
Or report the double deposit that Chase just made to my account when they obviously thought the ATM didn't record it and also processed it as a teller transaction? -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Susan Joslyn Sent: Thursday, March 17, 2005 9:05 AM To: [email protected] Subject: RE: [U2] Financial Fraud Jeff, That one is easy. Requests for mods to the software must be documented and their justification is part of the request. Every SOX auditor I've come across has made this mandate. So in IT we have a methodology where we are responding to written requests that have been through authorization channels before coming to us. So -- without (necessarily) understanding the accounting or legal implications of the task at hand, you can verify that the request came through proper channels. Everyone has their job definition -- you don't have to have knowledge or expertise or fear outside of your realm of responsibility. BUT BOY-GOLLY make sure you are taking your own steps. If it turns out you did something that you can't point to the audit of the request and justification for WHY you did it -- well, then you may need your lawyer. Help put good procedures in place -- in the first place -- that make sense and then don't let people bypass the rules (emergencies are part of the rules, not an exception to them -- have established emergency-justification-criteria and then established emergency procedures!) <whoosh-clap> <sound of collapsible soapbox folding up> Susan Date: Thu, 17 Mar 2005 08:08:46 -0500 From: "Lettau, Jeff" <[EMAIL PROTECTED]> Subject: RE: [U2]: Epicor What if I make a change to the code in the system according to what the CFO wants and then I get implicated as being an accomplice to fraud. Can I pull my college credits where I failed accounting as being my defense? Is it getting to the point where every change to the system requires a call to a lawyer to check to see if it is ok? Jeffrey Lettau ERP Systems Manager polkaudio ------- u2-users mailing list [email protected] To unsubscribe please visit http://listserver.u2ug.org/ ------- u2-users mailing list [email protected] To unsubscribe please visit http://listserver.u2ug.org/
