No More SOX


Steve Jones
Comments posted to this topic are about the item No More SOX

Follow me on Twitter: @way0utwest
Forum Etiquette: How to post data/code on a forum to get the best help
My Blog: www.voiceofthedba.com
Jeff Moden
SOX actually made my life a little easier. I no longer have to argue with a bunch of people about locking down the Production Servers. I no longer have to listen to interminable dribble and explain over and over about why I don't believe Developers should have anything other than Read Only access to the Production Servers, if that.

Now, I have a "3" word reason that they can't argue with. "It's the Law". Period. End of Story. Next problem please. And, oh yes, take your whiney hiney and your boss' gotta-have-it-now-'cause-I-dunno-how-to-write-a-schedule PITA attitude down the hall and put your cruddy, performance challenged, inaccurate, untested, POS code through a code review and some decent Unit and UAT Testing before you give it to me for promotion to Production. Make sure you have a backout plan, too, sonny. :-P

Truly Yours,
BSOFH on SOX steroids Hehe

p.s. That goes for your bloody undocumented, just-as-performance-challenged GUI code, too! :-D

--Jeff Moden

RBAR is pronounced ree-bar and is a Modenism for Row-By-Agonizing-Row.
First step towards the paradigm shift of writing Set Based code:
Stop thinking about what you want to do to a row... think, instead, of what you want to do to a column.
If you think it's expensive to hire a professional to do the job, wait until you hire an amateur. -- Red Adair

Helpful Links:
How to post code problems
How to post performance problems
Forum FAQs
Jeff Moden
Heh... sorry... I'm holding back... I should tell you how I really feel. ;-)

--Jeff Moden

Tom Fischer
Have to (strongly) agree with the ambiguous Mr. Moden. :-)

One of the downsides of SOX that I’ve witnessed has been its casual interpretation to justify requests. For example, one manager used SOX to justify hiring another DBA. Another involved requesting hardware upgrades.
Mike Hinds
SOX gave us a start to prepare for what was to come. As mentioned by all above, we now have the law on our side when we ask for controls, and the time and materials to implement them.

The regional bank I work for was hit by eastern European hackers a year ago. SOX helped in two ways:
1) We were partially prepared for the intrusion, and as such the actual damage to customer data was limited. Law enforcement gave us a huge P/R boost in assuring our customers that we had been well prepared.
2) Many staff were prepared to respond quickly and appropriately, by having done many of the steps in lesser intensity over the last five years.

Mike Hinds
Senior Database Administrator
1st Source Bank
MCP, MCTS
Andrew Peterson
We do need SOX, but corporate executives hate it.

It limits their ability to softly manage their short term reported financials, and makes them responsible. In one of my past careers (I am a CPA) I audited the financials of many companies. If you remember the collapse of Enron and Arthur Andersen, I can tell you from firsthand knowledge that it was only a matter of time before a major accounting firm imploded.

The more you are prepared, the less you need it.
Someguy
This was an interesting editorial for me because prior to this I had only heard Sarbanes-Oxley criticized for the "Mark to Market" provisions. See link below as an example:

http://www.forbes.com/2008/09/29/mark-to-market-oped-cx_ng_0929gingrich.html

Apparently SOX is more complex than this single issue. Thanks for the enlightenment.

I haven't had time to read the whole act (and I don't feel too guilty about that - it seems most of Congress doesn't have time to read their own legislation nowadays). Might it be that it is a series of provisions that need to be considered individually? Perhaps those of you who have implemented applications in response to the act could further enlighten us...

___________________________________________________
“Politicians are like diapers. They both need changing regularly and for the same reason.”
Hugo Shebbeare
Glad to see from above the support for Internal Controls, certainly makes not only the DBA's life easier, but also, more importantly, the strength of an organisation's systems' integrity.

I went into detail on this already here, with an anecdote or two:
http://www.sqlservercentral.com/blogs/hugo/archive/2009/02/15/the-importance-of-the-segregation-of-duties-with-respect-to-internal-controls.aspx

Here in Canada, we have (aka C-SOX) Bill C-158 - unfortunately, most developers here have to be convinced that this is the law and not just 'overhead' to make their lives difficult.

Town of Mount Royal, QC
514 812 5087 (txt also)
hugo@intellabase.com (msn im also)

Steve Jones
Very interesting. I was expecting to see more complaints about SOX, but maybe I'm not out of touch as a DBA. This law definitely helps DBAs, or anyone that wants to better manage and control their environment, without such a fly-by-the-seat-of-my-pants attitude that used to predominate.

I guess the DBAs don't want this repealed.

Ken Wymore
At my old company, data was managed very haphazardly and pretty much anyone could get access to systems internally if they asked the right people. SOX made us tighten down our systems, document our systems and actually come up with backup strategies which were barely there before. It actually required admins and DBAs to learn the systems that they were working with better and in turn exposed a number of large potential issues that we might not have found before. After the first 2 years of SOX audits, it just became another yearly ritual for us, same as year end reporting and routine maintenance. One can imagine how many public companies might have fudged the numbers in today's economy if SOX wasn't a concern.