SOX & Data Integrity (DB updates)

Hi folks,
This may not be the best forum, but I've been searching for a while. I'm looking for references to guidlines or policies in English, as opposed to legalese regarding ad hoc updates to production data. This
data isn't always financial in the strictest form, but in many cases could potentially affect payments of vendors etc.
I am a manager of a software development group within a large public company. On a daily basis we get requests to update specific tables within JD Edwards/EnterpriseOne. Most times these requests simply come with a spreadsheet and instructions to ".. please load into Fxxxx table ASAP!!" Forgetting the method of the request, many of the requirements are perfectly legitimate.
For obvious reasons I am not comfortable doing this, and I'm getting a lot of pushback from the end users (and executives) to go ahead and make the changes. Searching for formal legislation surrounding these types of activities has proven unsuccessful since SOX (and Bill 198 here in Canada) are guidelines around primarily financial data and reporting.
Any thoughts where I could find more information that could help me sell the need for corporate policies, approval lists, validation procedures, etc? Although I am in Canada, our Bill 198 is closely modelled after SOX (in order to prevent investors from having to choose between regulated markets).
Help would be appreciated. Reply direct or to the forum. Thanks in advance, john dot heuer at gmail dot com
Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

If your company is subject to "SOX" or "Bill 198" then someone in the accounting or the audit dept. should be able to help you identify internal controls and risks associated with the data tables before it impacts inventory or material / labor costs or the general ledger. There are specialized sarbanes oxley forums on the internet such as http://www.sarbanes-oxley-forum.com/modules.php?name=Forums
and IT software controls and Sarbanes Oxley are discussed in general terms here: http://en.wikipedia.org/wiki/Sarbanes-Oxley_Act#IT_controls.2C_IT_audit.2C_and_SOX
.
--
Posted via a free Usenet account from http://www.teranews.com


Add pictures here
<% if( /^image/.test(type) ){ %>
<% } %>
<%-name%>
Add image file
Upload

BeanSmart.com is a site by and for consumers of financial services and advice. We are not affiliated with any of the banks, financial services or software manufacturers discussed here. All logos and trade names are the property of their respective owners.

Tax and financial advice you come across on this site is freely given by your peers and professionals on their own time and out of the kindness of their hearts. We can guarantee neither accuracy of such advice nor its applicability for your situation. Simply put, you are fully responsible for the results of using information from this site in real life situations.