This may not be the best forum, but I've been searching for a while.
I'm looking for references to guidlines or policies in English, as
opposed to legalese regarding ad hoc updates to production data. This
data isn't always financial in the strictest form, but in many cases
could potentially affect payments of vendors etc.
I am a manager of a software development group within a large public
company. On a daily basis we get requests to update specific tables
within JD Edwards/EnterpriseOne. Most times these requests simply come
with a spreadsheet and instructions to ".. please load into Fxxxx table
ASAP!!" Forgetting the method of the request, many of the requirements
are perfectly legitimate.
For obvious reasons I am not comfortable doing this, and I'm getting a
lot of pushback from the end users (and executives) to go ahead and
make the changes. Searching for formal legislation surrounding these
types of activities has proven unsuccessful since SOX (and Bill 198
here in Canada) are guidelines around primarily financial data and
Any thoughts where I could find more information that could help me
sell the need for corporate policies, approval lists, validation
procedures, etc? Although I am in Canada, our Bill 198 is closely
modelled after SOX (in order to prevent investors from having to choose
between regulated markets).
Help would be appreciated. Reply direct or to the forum.
Thanks in advance,
john dot heuer at gmail dot com