The Sarbanes-Oxley act has become a four letter word to many IT people in the US. Thankfully I only had to deal with it for about 9 months before I left to go work on my own, but it was a long 9 months. Especially since I did half the work with JD Edwards and then did it again with Peoplesoft 🙁
When the act was passed, I was hopeful it would straighten out some of corporate America's problems with manipulating financials results. What I didn't expect, and I'm not sure is a valid interpretation, is the idea that all of IT should be regulated and documented so heavily.
I have always liked the ISO-9000 series of certifications and they're a good idea for ensuring that you have a handle on your business and employees comply with the processes and procedures that the company has set up. It's a sound, fundamental way to run a business. It's how I've worked for most of my career. And the documentation is a way to both ensure that someone else can do your job, and it proves that work is being done. The idea that you "say what you do, and do what you say" just makes sense to me.
However the SOX auditor's seem to have the idea there's much more to it. Personally I think this was a way for the Big 6 and other firms to get a bunch of billable hours by digging into areas beyond the Finance departments, but that's my guess. It seems that a lot of the work required didn't really add any reassurance to shareholders.
Unless you had shares in an auditing firm.
This week we received a few articles on SOX work done by DBAs out there in the field. It was funny that I got 3 articles within a week of each other and I hadn't asked for any of them. We decided to publish two and so you'll see one today and one tomorrow.
If you've had experience with SOX, please post some comments. Either here or with the articles. You never know how much work you might save another DBA with your advice.
The podcasts continue! At least for now. The audiocast is here. I didn't have time to experiment with some better video shoots, but look for more this week. Unless you want to see the raw ranting and raving.
Music for today's Podcast from: