Kbase P102424: Are Progress Software products Sarbanes Oxley compliant?
| Autor |
Progress Software Corporation - Progress |
| Acesso |
Público |
| Publicação |
16/10/2008 |
|
Status: Unverified
GOAL:
Are Progress Software products Sarbanes Oxley compliant?
FIX:
Sarbanes Oxley (also abbreviated as SOX) compliance is dependent internal auditing processes within a company, rather than on the application design or the tools being used. It is more about process than about any functionality any software vendor provides.
Progress Software products are the basis for building and running applications; they are not end user applications in themselves. Many customers are Sarbanes Oxley compliant and are using Progress applications in production today. They use triggers to capture audit data, and a very complete set of operating procedures (that they develop themselves) to address database administration and development aspects of compliancy.
Progress Software (nor any other software tools or application vendor) is unable to provide or certify it's products for SOX compliance, as compliance is primarily dependent on internal procedures, auditing, record keeping, etc. The applications are merely tools that are used in this process.
Future releases of Progress OpenEdge will introduce additional features that will further simplify the task of creating applications that are Sarbanes Oxley compliant. These features include auditing functionality for the Progress RDBMS as well as the 4GL programming language. However, while they simplify meeting some of the Sarbanes Oxley requirements, compliance is still dependent on the internal processes and the capture of audit information, tasks which could be simplified by the design of the applications.