Re: Back and a Question
- From: Nuno Souto <dbvision@xxxxxxxxxxxx>
- To: oracle-l <oracle-l@xxxxxxxxxxxxx>
- Date: Wed, 16 Aug 2006 15:06:34 +0800
From where I stand, it's exactly like Ryan described:
we got SOx-audited last year and again this year and in both
occasions access to production by developers came up as an
absolute no-no and something we simply cannot allow.
Which I tend to agree with, BTW. ;-)
--
Cheers
Nuno Souto
from sunny Sydney
Quoting David Aldridge <david@xxxxxxxxxxxxxxxxxx>:
> Tsh, is there any lie that those operations people won't tell in order
> to keep us out of their sandbox?
>
> Seriously though, I don't think that SOX is that detailed, and I don't
> believe any STIG is either. It sounds like that rule is more along the
> lines of an _interpretation_ of the regulations, or a quoting of the
> regulations to justify a rule (depending on your degree of cynicism).
>
> ryan_gaffuri@xxxxxxxxxxx wrote:
> >
> > I did DOD befoer this. I am doing financial now. The federal government
> > actually passed security laws for financial companies as part of
> > Sarbanes-Oxley(SOX). I was told by operations that one of the rules is
> > that development cannot have access to production data. That is a
> > problem for production support when you get data issues.
--
//www.freelists.org/webpage/oracle-l
Other related posts:
