June 1, 2009 at 8:59 am
I agree with Red Cat. I have experienced the inefficiency and stupidity of inapplicable rules myself. And just wait until we get Cap & Trade, VAT and all the other wonderful things Congress has in store for us. Maybe, if SOX is overturned they won't be able to get away with it.
June 1, 2009 at 9:00 am
The need for better processes and controlls over things is a good goal, and SOX was good intentioned legislation. However, having worked before at a company that went through a SOX audit, I can tell you the implementation of that intent is what caused the problems that give SOX a bad reputation. There were a number of such audits, including the one at the company I worked at, that seemed to turn more into witch hunts.
June 1, 2009 at 9:26 am
Finally in print - Thanks Steve - ISO9001 ! (did my first one over 15 years ago)
If you have ISO9001 then SOX is kind of dumb (although Jeff has lots of great reasons for it that I have experienced and agree with !)
If you are not ISO9001 certified then yeah you better get SOX for your own good.
I have been in ISO9001 shops, HIPPA shops and now I am in a partial SOX/non-SOX environment (we do not have ISO9001). So by my own words - we do need it !
RegardsRudy KomacsarSenior Database Administrator"Ave Caesar! - Morituri te salutamus."
June 1, 2009 at 6:55 pm
Jeff Moden (5/31/2009)
"Its the Law"
A four word reason "It's the law".
I soooo dislike misuse of the apostrophe in possessive case, particularly of the verb "to be".
Probably a left over attitude from misuse of a comma causing a microcode load failure in the 308x.
:Whistling:
Peter Edmunds ex-Geek
June 1, 2009 at 7:16 pm
Taking a less nit-picking and more productive approach though...
Red Cat (6/1/2009)
[...] has done more to hamstring our productivity than just about anything I can think of [...]
I'm another who has preferred to read the various extant summaries rather than the full legislation, only like getting involved in that level of far too convoluted detail when it rreeaallyy affects me personally.
But, what's the fundamental problem with applying auditable changes to a data structure?
Oh.
Money.
Of course.
If we don't have to spend money in order to ensure that we don't produce a six fingered, three eared, five eyed transgenic freak, than we should do just that.
Yep, that's it, produce any number of six fingered, three eared, five eyed transgenic freaks, as long as it makes us more money than it costs us in this financial year.
Peter Edmunds ex-Geek
June 1, 2009 at 8:54 pm
wldhrs (6/1/2009)
Jeff Moden (5/31/2009)
"Its the Law"A four word reason "It's the law".
I soooo dislike misuse of the apostrophe in possessive case, particularly of the verb "to be".
Probably a left over attitude from misuse of a comma causing a microcode load failure in the 308x.
:Whistling:
We can certainly tell what you consider to be most important. What does that have to do with the subject at hand? Nothing. Get over the typo.
:Whistling:
--Jeff Moden
Change is inevitable... Change for the better is not.
June 2, 2009 at 5:46 am
I have been working as a software developer for a little over a year now for a company that is SOX compliant. I do think some of the steps required are annoying, but without the checks and balances, you wouldn't have a clue what some of these people did to the data and/or code.
Sometimes I feel like I spend just as much time tracking changes and updating sharepoint issues, but two months down the road when someone asks me why, I can go back to the issue and get an idea of what I was thinking back then.
I am come to believe that it is one of those necessary evils to keep some of the irresponsible people in check. I would like to say I don't need it myself, but without it I would eventually be lost in code changes.
June 4, 2009 at 12:48 pm
Jeff,
WOW - you nailed it !!
I'm a long time data architect and shared your 'experiences' with developers, managers and business 'types' who have no concept of the need for auditibility and data integrity.
Thanks for laugh and btw - every great DBA I have ever worked with sounds just like you.
Josie
June 4, 2009 at 7:38 pm
I absolutely love sox, both from a design and architectural point of view. Many lower level developers misunderstand the purpose of sox. It's not about audit logging infinitum, but rather the separation of business process oriented system access. If a system is well designed around logical business process it will lend itself wonderfully to the constraints of sox rules. Those that bemoan sox are generally trying to retro-fit a poorly designed system.
Granted it's not sexy, but with internal audit moving up the corporate power ladder and filling a very large seat at the decision making table, we've been able to dramatically trim the sales cycle as CFOs scramble toward compliancy.
They thought we were crazy when we ploughed our crop under, but we built it and they did come.
June 4, 2009 at 7:49 pm
Datamama (6/4/2009)
... and btw - every great DBA I have ever worked with sounds just like you.Josie
Heh... thanks Josie :blush:. Every good one I've worked with sounds the same way. When I first started out, I didn't use to be that way and thought those types of DBA's were being a bit annoying and "controlling". Then, I lived through a couple of crises with them that could have easily been prevented. One of those easily preventable crises took 40 people 10 days to repair. It changed my whole outlook especially since I was up and at 'em for most of those 10 days. 😛
--Jeff Moden
Change is inevitable... Change for the better is not.
Viewing 10 posts - 16 through 24 (of 24 total)
You must be logged in to reply to this topic. Login to reply