Hi folks,
This may not be the best forum, but I've been searching for a while. I'm looking for references to guidlines or policies in English, as opposed to legalese regarding ad hoc updates to production data. This data isn't always financial in the strictest form, but in many cases could potentially affect payments of vendors etc.
I am a manager of a software development group within a large public company. On a daily basis we get requests to update specific tables within JD Edwards/EnterpriseOne. Most times these requests simply come with a spreadsheet and instructions to ".. please load into Fxxxx table ASAP!!" Forgetting the method of the request, many of the requirements are perfectly legitimate.
For obvious reasons I am not comfortable doing this, and I'm getting a lot of pushback from the end users (and executives) to go ahead and make the changes. Searching for formal legislation surrounding these types of activities has proven unsuccessful since SOX (and Bill 198 here in Canada) are guidelines around primarily financial data and reporting.
Any thoughts where I could find more information that could help me sell the need for corporate policies, approval lists, validation procedures, etc? Although I am in Canada, our Bill 198 is closely modelled after SOX (in order to prevent investors from having to choose between regulated markets).
Help would be appreciated. Reply direct or to the forum. Thanks in advance, john dot heuer at gmail dot com