PBXtech.info - View Single Post - What's your company doing to meet the SOX requirements for IT?

oozenoz · April 8th, 2006, 07:36 PM

I blame it on people too cowardly to take responsibility for and admit to their mistakes, and lawyers who make money by finding ways to lay it on everyone but the guilty party.

I see nothing wrong with having a gameplan for any sort of change - whether it involves installing a new station or cutting over an entire system. Understanding what is required prior to starting, knowing what all must be tested successfully to know it's completed, and having a solution for backing it out if you must increases the odds that any job will go smoothly. It's all part of the project planning and engineering of the work. I admit, only allowing the installation of a hot-swappable card after 9 PM is a bit over the top, but there IS a possibility something could go wrong even with something so seemingly simple... Been there, done that.

SOX auditors (on their initial review) gave our company a failing score in the area of IT change control and our management reacted in a very predictible way - overkill. And while we may not like it, it's not going to go away for any of us who work in a company large enough to fall under SOX compliance rules.

Sooooo, with that in mind, how are companies dealing with this new level of imposed bureaucracy as it relates to MAC work?

April 8th, 2006, 07:36 PM	#3 (permalink)
oozenoz PBXtech PLATINUM 300+ posts Join Date: Feb 2006 Posts: 350	Re: What's your company doing to meet the SOX requirements for IT? I blame it on people too cowardly to take responsibility for and admit to their mistakes, and lawyers who make money by finding ways to lay it on everyone but the guilty party. I see nothing wrong with having a gameplan for any sort of change - whether it involves installing a new station or cutting over an entire system. Understanding what is required prior to starting, knowing what all must be tested successfully to know it's completed, and having a solution for backing it out if you must increases the odds that any job will go smoothly. It's all part of the project planning and engineering of the work. I admit, only allowing the installation of a hot-swappable card after 9 PM is a bit over the top, but there IS a possibility something could go wrong even with something so seemingly simple... Been there, done that. SOX auditors (on their initial review) gave our company a failing score in the area of IT change control and our management reacted in a very predictible way - overkill. And while we may not like it, it's not going to go away for any of us who work in a company large enough to fall under SOX compliance rules. Sooooo, with that in mind, how are companies dealing with this new level of imposed bureaucracy as it relates to MAC work? __________________ - calvin