 |
 |
  |
|
 |
Subaru Italia S.p.A.
[Manufacturing]
ITALY |
|
 |
Sarbanes-Oxley Compliance
System and Database Audit
Access Control |
|
|
Blédina
[Food-processing]
FRANCE |
|
|
SOX Compliance
"QJRN/400 and CONTROLER have widely enabled Bledina to meet Sarbanes-Oxley act requirements (97% of the items approved by PWC during the last audit). These good results, together with those of the other subsidiaries, have contributed to the Danone Group compliance with the Sarbanes-Oxley act."
|
|
|
Rush Trucking (USA)
[Manufacturing]
USA |
|
|
Access and Commands Control
Access and Commands Control
 More
info...
|
|
|
Ahlstrom (USA)
[Manufacturing]
USA
http://www.Ahlstrom.com |
|
|
SOX compliance
System Auditing.
In collaboration with BPCS |
|
|
Tupperware Products Inc.
[Manufacturing]
SWITZERLAND |
|
|
System and application audit for Sarbanes Oxley compliance
- Profile, systems value and audit value modifications are monitored.
- Sensitive data on JDE Oneworld Files are monitored.
|
|
|
Banque de Luxembourg
[Banking/Insurance]
LUXEMBOURG |
|
|
In collaboration with VISION and OLYMPIC
Managed by the IT security team, used by the Internal Audit and System teams
System and application audit
- Automatic gathering of auditable information.
- Conservation and logging of collecting files.
- Profile, systems value and audit value changes are monitored.
- Role tables and OLYMPIC security are monitored.
- Sensitive data are monitored. Actions on OLYMPIC files (create and delete) are monitored.
- Monitoring of actions on OLYMPIC journaling files.
- Warnings by SMS or AS/400 MSG when the profile QSECOFR is being used.
- Daily sending of printed reports to the audit, security and system teams.
- Printed reports are sent daily to audit, security system teams.
- Reports by email are sent daily to the audit and security teams.
- The OLYMPIC journals’ Repository is monitored.(create or delete fields).
- Access to specific OLYMPIC files is monitored.
- Manipulations of objects in the production system are monitored.
- Access to back up base is monitored.
Access control
- Control of TELNET connections.
- Access to database by ODBC, FTP,…is limited.
- Control of the use of sensitive commands (system shutdown, SQL, DFU, etc) has been set up.
- The use of sensitive commands is controlled by remote access.
- Access to the IFS is controlled. Non-authorized access attempts (sessions, objects) are monitored.
More
info...
|
|
|
Ceca-Gadis
[Distribution]
GABON |
|
|
Fraud on a sales management application
- Installation in background mode by head accountant.
- All entry transactions (reception, loading slips, invoices), are traceable.
- Statistical reports help understand the mechanism of the software.
- The transaction used to modify received quantities was discovered.
- Monitoring has been implemented in continuous mode with warning messages. A user was caught instantly. The financial loss is difficult to estimate (at least 300.000 euro within two years).
More
info...
|
|
|
Compagnie Monégasque de Banque
[Banking/Insurance]
MONACO |
|
|
In collaboration with Vision, Access control
- Local and remote access are limited and control of the use of sensitive commands has been set up.
|
|
|
Figel
[Distribution]
FRANCE |
|
|
Trace-ability section - ISO 9002 Certification
- Historization of product modifications
- Training in query utilization given to users from the sales department, aftersales and quality control
- Replacement of monitoring using paper format and direct freeing of one work post
- Searches carried out directly by the users of the departments concerned
- Quality improvement of information entered by the users and end of contestations in the case of anomalies
More
info...
|
|
|
Fortis Assurances Luxembourg
[Banking/Insurance]
LUXEMBOURG |
|
|
In collaboration with DataMirror, Access control
- Access to database by ODBC, FTP,…is limited.
- Control of the use of sensitive commands (system shutdown, SQL, DFU, etc) is set up.
- Control of TELNET connections.
|
|
