Beruflich Dokumente
Kultur Dokumente
Express
Administrators Manual - August 2005
OpenPages, Inc.
201 Jones Road
Waltham, MA 02451
781.647.3800
www.openpages.com
ii
Copyright Information
Copyright 2003-2005 OpenPages, Inc. All rights reserved.
No part of this book may be reproduced, stored in a retrieval system, or transmitted by any
means, electronic, mechanical, photocopying, recording, or otherwise, without written
permission from OpenPages.
All questions pertaining to duplication or redistribution of this material and/or the software that
it describes should be directed to:
OpenPages, Inc.
201 Jones Road
Waltham, MA 02451
781.647.3800
Trademark Information
OpenPages, Sarbanes-Oxley Express, and SOX Express are Registered Trademarks of
OpenPages Inc.
Disclaimer
Although every precaution has been taken in the preparation of this user manual, OpenPages
and the author assume no responsibility for errors or omissions. No liability is assumed for
damages resulting from the use of the information contained herein.
Release Information
Software Version: Sarbanes-Oxley Express 3.1.0
Administrators Manual Published: August 2005
Manual Version: AM-310.7
iii
Table of Contents
Chapter 1
Introduction
What is the Sarbanes-Oxley Act of 2002? . . . . . . . . . . . . . . . . . . . . . . 2
Overview . . . . . . . . . . .
What is Section 302? . . .
What is Section 404? . . .
Additional Responsibilities
Additional Information . .
....
....
....
...
....
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
2
2
2
2
2
Chapter 2
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
6
6
6
7
7
7
8
8
8
9
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
10
10
10
10
10
11
11
11
11
11
11
11
11
12
iv
Publishing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Setting Up Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Overview of Implementing ACL Security . . . . . . . . . . .
About Access Controls . . . . . . . . . . . . . . . . .
Preparing For Your Security Implementation . .
The Compliance Object Folder Structure . . . . . . . . . . .
Using Inheritance with Access Control Lists . . . . . . . .
About Breaking Inheritance . . . . . . . . . . . . . .
Creating a New ACL . . . . . . . . . . . . . . . . . . . . . . . . .
Editing an Existing ACL . . . . . . . . . . . . . . . . . . . . . .
Deleting an Existing ACL . . . . . . . . . . . . . . . . . . . . .
Using Groups to Establish User Roles . . . . . . . . . . . . .
The Core SOX Express Groups . . . . . . . . . .
Example: Using Groups to Establish User Roles
Using Groups to Limit User Activities . . . . . . . . . . . . .
Using Nested Groups to Limit User Scope . . . . . . . . . .
Step One: Breaking Folder Inheritance . . . . . .
Step Two: Nesting Your User Groups . . . . . . .
Using Group ACLs to Traverse Business Entities . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
13
13
14
15
16
16
17
18
18
19
19
19
20
23
23
23
26
.
.
.
.
.
.
27
27
27
27
28
28
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
30
30
30
30
31
32
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
33
34
36
36
37
38
38
38
38
38
39
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
40
40
40
40
40
40
41
41
42
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
43
43
43
44
44
44
45
45
45
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
46
46
46
46
47
47
47
48
55
55
55
55
56
57
57
57
58
58
Chapter 3
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
59
59
59
59
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
61
61
61
61
61
61
62
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
64
64
65
65
66
....
....
....
....
....
....
....
....
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
67
67
67
68
69
69
70
70
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
73
73
73
73
73
74
75
75
75
75
76
76
. . . . . . . . . . . . . . . . . . . . . . . . . . . 77
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Differences From the Exporter Tool . . . . . . . . . . . . .
Configuring the Reporting Metadata . . . . . . . . . . . . . . . . . . .
About the Configuration Tables . . . . . . . . . . . . . . . .
About the Reporting Schema Scripts . . . . . . . . . . . .
Customizing the Reporting Schema Configuration . . .
Supported Macro Keywords . . . . . . . . . . . . . . . . . . .
Populating the Reporting Schema . . . . . . . . . . . . . . . . . . . .
Checking the Results of the Reporting Schema Refresh
Exporting Data to the Reporting Database Instance . . . . . . . .
Exporting the Reporting Schema Contents . . . . . . . .
Importing the Reporting Schema Contents . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
77
77
77
77
79
79
80
81
82
83
83
84
Chapter 4
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
85
85
86
86
86
87
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
89
89
90
91
92
92
92
93
93
95
96
96
97
98
99
99
101
103
105
106
106
107
107
108
108
108
109
110
111
111
111
112
113
114
114
114
115
115
116
117
117
117
117
118
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
119
119
119
119
Appendix A
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
121
121
121
121
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122
Using the Test Notification Template . . . . . . . . . . . . . . . . . . . . 122
Using the General SOX Notifications Template . . . . . . . . . . . . . 122
Step Two: Creating the Notification
. . . . . . . . . . . . . . . . . . . . . . . . . . 123
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Creating a Test Notification . . . . . . . . . . . . . . .
Understanding the Test Notification Fields
Creating a General Notification . . . . . . . . . . . . .
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
123
123
123
126
Chapter B
.......
.......
.......
Interface
.......
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
129
129
129
129
131
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
132
133
133
135
137
139
140
142
144
147
151
153
155
157
159
160
161
162
164
164
164
165
165
166
166
167
167
167
167
168
168
168
....
....
....
....
....
....
....
....
....
....
....
....
....
....
....
....
....
....
....
....
....
....
....
....
....
....
....
....
....
....
....
....
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Appendix C
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
169
169
170
170
171
171
172
172
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
175
175
175
175
176
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
177
177
177
177
178
Introduction
Additional Responsibilities
The SOA also describes other responsibilities. For example, it informs company boards of their
responsibilities with respect to the institution of audit committees. It instructs the SEC to create
an independent public accounting oversight board with the express mandate to regulate the
conduct of audit firms. Furthermore, it lays down guidelines for conduct of attorneys that
represent public corporations before the SEC.
Additional Information
This guide only provides a high-level overview of the Sarbanes-Oxley Act of 2002. You can find
more in-depth information about the Sarbanes-Oxley Act of 2002 in the Sarbanes-Oxley
Resource Center on the OpenPages web site at http://www.openpages.com.
Introduction
Signoff Capability
Supports the attachment of signoff tasks that require a user to append a signature to
a compliance object.
Introduction
Administering
SOX Express
This chapter provides information about administering the SOX Express
application using the capabilities of the SOX Express user interface,
including adding and modifying SOX Express users, setting up folderlevel security, report administration, and managing reporting periods.
This chapter contains the following sections:
Allowed Special
Character
Description
At sign
Dash
Period or dot
Underscore
Log into SOX Express with an account that has permissions to add and modify users
and groups.
Click on the Users / Groups link under the Administration heading. The list of SOX
Express users and groups is displayed.
Expand the list of groups and users until the group to which you want to add the new
user is displayed. Click the name of the group to display the Group Details page.
4.
5.
Scroll down to the Users section that lists all of the users who currently belong to the
group. Click the Add New... button.
Enter the necessary information for the new user account. When you are finished, click
Create to continue.
Note: User names must contain only alphanumeric characters and underscores, and
cannot contain spaces. User names and passwords are limited to 32 characters.
Log into SOX Express with an account that has permissions to add and modify users
and groups.
2. Click on the Users and Groups link under the Administration heading. The list of
SOX Express users and groups is displayed.
3. Expand the list until the user account you wish to edit is shown and then click on the
user name to display the Details page.
4. Click the Edit... button at the top of the User Information section. The Edit User
Information page is displayed.
Note: You may not change a users user name.
5.
Edit the necessary information, and click Save to return to the User Details page.
Log into SOX Express with an account that has permissions to add and modify users
and groups.
Click on the Users and Groups link under the Administration heading. The list of
SOX Express users and groups is displayed.
Expand the list until the user account you wish to disable is shown and then click on the
user name to display the Details page.
Click the Disable button at the top of the User Information section. The button text
changes to Enable and the value of the Active field changes to False.
Log into SOX Express with an account that has permissions to add and modify users
and groups.
Click on the Users and Groups link under the Administration heading. The list of
SOX Express users and groups is displayed.
Expand the list until the disabled user account you wish to enable is shown and then
click on the user name to display the Details page.
Click the Enable button at the top of the User Information section. The button text
changes to Disable and the value of the Active field changes to False.
Log into SOX Express with an account that has permissions to add and modify users
and groups.
2. Click on the Users and Groups link under the Administration heading. The list of
SOX Express users and groups is displayed.
3. Navigate to the group to which you want to add a user.
4. Click the group name to display the Details page.
5. Click the Associate... button at the top of the Users table. The Select Users page is
displayed.
6. Expand the user list to find the user you wish to add.
7. Select the checkbox next to the user account you wish to add to the group and click the
Associate button to add the user to the current group.
Log into SOX Express with an account that has permissions to add and modify users
and groups.
Click on the Users and Groups link under the Administration heading. The list of
SOX Express users and groups is displayed.
Expand the list of groups and users and click the name of the desired user group.
Scroll down to the Users section of the Details page
Select the checkbox next to the user you wish to remove from the group and click the
Disassociate button to remove the user from the group.
Creating a Group
Users with the correct permissions can create groups using the SOX Express User/Group
interface. Groups can contain other groups and users, and inherit application permissions from
the groups that they belong to.
To create a new group:
1.
2.
3.
4.
5.
Log into SOX Express with an account that has permissions to add and modify users
and groups.
Click on the Users and Groups link under the Administration heading. The list of
SOX Express users and groups is displayed.
Expand the list and click on the name of the group to which the new group will belong.
If there is no higher-level group for the new group, click on SOXUsers. The Details
page of the group is displayed.
Scroll down to the Sub-Groups section of the Details page and click Add New...
Fill in the required information for the new group and click Create. The parent groups
Details page is displayed with the new group listed in the Sub-Groups section.
Note: Group names must contain only alphanumeric characters and underscores, and
cannot contain spaces. Group names are limited to 40 characters.
6.
Click the name of the new group to view the Details page if you want to add users to
the group or modify the group permissions.
Removing a Sub-Group
When you remove a sub-group from a SOX Express group and that sub-group does not belong
to any other SOX Express group, the sub-group will not appear in the Users/Groups listing.
When adding an existing group to another group, the removed group will still be available in
the group selector list.
Note: If you remove a sub-group from the SOXUsers group, and the members of that group do
not belong to any other groups that inherit permissions from the SOXUsers group, they will no
longer be able to log in to SOX Express.
To remove a sub-group from a group:
1.
2.
3.
4.
5.
Log into SOX Express with an account that has permissions to add and modify users
and groups.
Click on the Users and Groups link under the Administration heading. The list of
SOX Express users and groups is displayed.
Expand the list and click on the name of the group to which the soon-to-be-deleted
group belongs. The Details page of the group is displayed.
Scroll down to the Sub-Groups section of the Details page, select the checkbox next to
the group to be deleted, and click Disassociate. A confirmation dialog is displayed.
Click OK in the dialog to disassociate the selected group(s)
Administration
This application permission grants all three permissions in the Administration grouping. If you
wish to create an administrative-level group, they will need this permission group. If a user
group possesses any of these permissions, they will see the Administration heading in the
right-hand Action menu with the appropriate sub-headings.
Object Reset
Allows members of the user group to reset compliance objects for a new reporting period. For
information on governing reset behavior, see the section, Resetting Compliance Objects on
page 46.
Reporting Periods
Allows members of the user group to create and delete Reporting Periods through the
Reporting Periods link in the left-hand Action menu.
Audit Trail
This application permission allows members of the user group to view the Audit Trail
information for compliance objects. With this permission enabled, an Audit Trail button can be
selected at the top of the compliance objects Details page.
Browse Files
Allows groups with this permission to view and navigate the Browse Files heading on the
Action menu.
Folders
This application permission allows members of the user group to create new folders in the
compliance object repository that do not correspond to business entities. This allows users to
create their own folder structure.
Issues
The application permission allows members of the user group to view the list of SOX Issues
through the Issues link in the left-hand Action menu.
Project Management
The application permission allows members of the user group to use the Project Management
capabilities available through the Project Management link in the left-hand Action menu.
View Locks
Users with the View Locks permission can view the existing locks on compliance objects. The
View Locks permission does not grant the right to lock or unlock an object - for that you need
either the Lock permission or the Unlock permission.
Other Permissions
The following application permissions are not contained under the SOX permission heading, but
still have an impact on SOX Express application behavior. Application permissions determine
what functional areas and administrative operations a given user or group is able to perform.
Typically, end users do not require applicaiton permissions.
All Permissions
Grants members of the user group all permissions and access to every functional and
administrative area within SOX Express (Web and server).
Administration
Grants members of the user group access to all administrative functions within SOX Express
(Web and server).
Collaboration
This application permission grants all administrative permissions under the Collaboration
grouping that are related to managing tasks and jobs.
Start Jobs
Allows group members to start a job.
Files
This application permission grants all administrative permissions under the Files grouping that
are related to managing files and folders.
Add Folders
Allows group members to create and add new folders.
Cancel Checkout
Allows group members to cancel the file check out process for associated files that were
checked out by others. When a file check out is canceled, the file is checked back into the
system without applying any changes and no new version of the file is created.
Lock
Allows group members to sign off on any SOX Express compliance object, regardless of signoff
or ACL restrictions.
Unlock
Allows group members to unlock any SOX Express compliance object.
Publishing
Add Folder Assignments
Allows group members to create a new folder assignment. Folder assignments link to an
existing folder in the repository and automatically create a reference in the current channel
folder to any files of a particular file type.
Add Folders
Allows group members to create and add a new channel folder.
Add Pages
Allows group members to create and add publishing-specific files that are used to generate
published web pages. Pages are based on page templates.
Add Templates
Allows group members to create and add page templates that are used to create Web pages.
Assign Files
Allows group members to assign files to specific channel folders.
Browse Channels
Allows group members to browse channels. A channel represent the structure of a published
website.
Create Channels
Allows group members to create a new channel for publishing a website.
Manage Rules
Allows group members to add and modify file rules that specify how file assignments are
published within a given channel folder.
Setting Up Security 13
Setting Up Security
Overview of Implementing ACL Security
Sarbanes-Oxley Express allows administrators to grant or deny read, write, delete, and
associate permissions to groups or specific users. These permissions are set using an Access
Control List, or ACL. An ACL is the list of groups and users who have permissions for the
specified folder. You can explicitly set permissions on folders or inherit permissions from a
parent folder.
This section provides an overview of the procedures involved in setting up security for your
internal controls documentation project, as well as the reasoning behind the required group and
ACL structures.
Note: SOX Express access controls can only be set at the folder level. Individual objects within
a folder cannot have ACLs - they automatically assume the ACL of the folder. If you have
permissions for one item in a folder, you have the same permissions for the other compliance
objects in that folder.
Read - the group or user can view the details of the objects contained in the folder and
the folder itself, but cannot edit them. Note that if Read access is denied to a group or
user, they will not be able to SEE the folder, or any folders under that folder.
Write - the group or user can view the details of the objects within a folder and modify
them, but cannot delete them. Write access to a folder is required for creating new
objects within the folder.
Delete - the group or user can delete objects within the folder.
Associate - the group or user can create associations between compliance objects
Granted - the user or group has full access to the specified action (Read/Write/Delete/
Associate). The user can view, modify, or delete the file or folder, depending on the
permission.
Inherited - the setting is inherited from the nearest parent folder that contains an
explicit setting for the permission. If no parent folder has an explicit permission set, the
root folder of the compliance hierarchy sets the permission.
Denied - the user or group cannot perform the specified action. If Read permissions
are denied, the folder will not be displayed in the hierarchical view or the compliance
object view.
Read permission is required for Write and Associate access, and Write access is required in
order for Delete access to be granted. You can select any combination of permissions, but when
you save the ACL, it will be modified to be a valid combination of permissions.
Administering SOX Express
Setting Up Security 14
Note: It can also be helpful to have your user accounts created, although you can implement
ACL security without them.
Setting Up Security 15
entity to each regional site. Now each regional site has its own hierarchy, complete with a
unique entity folder structure.
Note that in our example, only the Library and the Site business entities have non-entity
compliance objects in them. The CorporateCenter and all of the Regional entities are just
containers for the Site business entities.
Business entities are contained in their own folder, while all of the other compliance object
types have their own folder underneath the ICDocumentation folder.
Note: ACLs should never be added to folders that were automatically created during the SOX
Express installation (e.g. ICDocumentation, BusinessEntity, etc.). Always create ACLs using the
SOX Express administrative user interface.
When you add a new business entity called Enterprise, a folder with the name of the business
entity is created underneath the BusinessEntity folder, as below:
When you add a sub-entity named Region to the Enterprise entity, a corresponding folder is
created.
When you add other compliance objects to a business entity hierarchy, the folder structure of
the business entities it belongs to is automatically created under the compliance object type
folder. All compliance objects of that type created for that business entity are placed in the
same folder.
Setting Up Security 16
Important Note: When you are setting ACLs, it is important to remember to set ACLs for the
business entity folders under the ICDocumentation folder structure, as well as the
BusinessEntity folder structure. If you do not, when you try to access the compliance objects
you will not be able to browse to the objects. You should never set ACLs on the container
folders (e.g. ICDocumentation, BusinessEntity).
Setting Up Security 17
7.
Click Access Controls in the breadcrumb trail to return to the Access Controls folder
list.
Remember, no one except the groups (and sub-groups of those groups) listed in the Access
Controls table will be able to see the folder or its contents.
Note: The SOXAdministrators group and the creator of a folder or object is exempt from ACL
restrictions. The creator always has Delete access to files and folders he or she has created,
while the SOXAdministrators group has total access to all files and folders.
Log into SOX Express as a user with the Access Control Lists application permission.
Click on the Administration | Access Control link in the Action menu. An expandable
list of folders is displayed.
Navigate to the folder whose access control list you want to modify. Click the folder
name to display the Details page of the folder.
Click the Edit... button at the top of the Access Controls table. The Edit Permissions
page is displayed.
Click Add to add a new access control to the list. A dialog box is displayed.
Choose the desired group or user from the drop-down list.
Select the desired permissions by highlighting the appropriate choices and clicking OK
when finished. The dialog closes, and the new ACL appears in the list area of the folder
Details page.
Read permission is required for Write and Associate access, and Write access is
required in order for Delete access to be granted. You can select any combination of
permissions, but when you save the ACL, it will be modified to be a valid combination of
permissions.
For example, if you set Read/Write/Delete/Associate to Denied/Granted/Granted/
Granted, when you click Ok, the displayed permissions will be Granted/Granted/
Granted/Granted. Because users must have Read permissions in order to have Delete
permissions, the Read permission is changed to Granted.
In order to set Read to Denied, Write, Delete, and Associate must also be set to Denied.
Note: If you do not set a specific permission, it will be set to Inherited unless a set
access permission (such as Delete) forces the blank permission to Granted.
For example, if you set a folder ACL for a group to Granted for Read, and leave Write,
Delete, and Associate blank, they will be shown in the UI as Granted/Inherited/
Inherited/Inherited. However, if you set the permissions to Granted for Delete, and left
Read, Write, and Associate blank, the ACL would be displayed as Granted/Granted/
Granted/Inherited, since Delete requires Read and Write permissions.
8.
9.
Setting Up Security 18
Log into SOX Express as a user with the Manage ACLs application permission.
Click the Access Control link on the Action Menu to display the list of access controls.
Click the checkbox next to the folder name and click the Edit button to display the list
of existing ACLs.
Click the checkbox next to the existing ACL you wish to modify and click the Edit button
to display the Edit ACL page.
Select the desired permissions by highlighting the appropriate choices and clicking
Save when finished. The dialog closes, and the updated ACL appears in the list area of
the Access Control page.
Read permission is required for Write and Associate access, and Write access is
required in order for Delete access to be granted. You can select any combination of
permissions, but when you save the ACL, it will be modified to be a valid combination of
permissions.
For example, if you set Read/Write/Delete/Associate to Denied/Granted/Granted/
Granted, when you click Ok, the displayed permissions will be Granted/Granted/
Granted/Granted. Because users must have Read permissions in order to have Delete
permissions, the Read permission is changed to Granted.
In order to set Read to Denied, Write, Delete, and Associate must also be set to Denied.
For example, if you set a folder ACL for a group to Granted for Read, and leave Write
and Delete blank, they will be shown in the UI as Granted/Inherited/Inherited.
However, if you set the permissions to Granted for Delete, and left Read and Write
blank, the ACL would be displayed as Granted/Granted/Granted, since Delete requires
Read and Write permissions.
Log into SOX Express as a user with the Access Control Lists application permission.
Click the Access Control link on the Action Menu to display the list of access controls.
Navigate the folder tree to display the folder containing the ACL you want to change.
Click the folder name to display the Details page with the list of existing ACLs.
Click the checkbox next to the existing ACL you wish to remove and click the Delete
button to remove the ACL.
Note: If you have broken inheritance for a folder, there will be entries for the
SOXAdministrators and OPAdministrators groups. These ACLs cannot be edited or
deleted.
Setting Up Security 19
SOXUsers - This group is a container for all users who are part of the SOX Express
application. Every SOX Express user will be a part of this group through inheritance.
The SOXUsers group has a single sub-group - SOXAdministrators.
Note: The SOXUsers group should never be used to set ACLs on any folder. The group
exists for administrative purposes only.
The Executive Team. These are people who do not document or modify individual
compliance objects. As a team, they are only interested in viewing the entire internal
controls documentation process as a whole, and quantifying the results. CFOs and
high-level corporate users fall into this category. They need read access to almost all
folders in order to run reports on the documentation project as a whole.
The System Team. This group is responsible for setting up and maintaining the entire
hierarchy of SOX Express compliance objects. They are also the only ones allowed to
modify anything above the control level. In most companies, the IT department or a
sub-set of the central accounting team is responsible for these activities.
The Regional Teams. These groups are responsible for developing, maintaining, and
overseeing the compliance objects for all of the sites within their regions.
The Site Teams. These groups are responsible for documenting the controls for their
sites, as well as uploading test results and control documents.
The Executive and System teams are both based in the Corporate Center, while the Regional
Teams and Site Teams are located in their respective regional and site headquarters.
Although you can have user groups that correspond to the entire team, they are not necessary
when setting ACLs. However, so-called team groups can be helpful for organizational
purposes as well as assigning tasks or other uses. The important groups within each team will
divide the teams according to the level of interaction (Reading, Writing, Deleting, Associating)
they will be allowed, as well as the scope of the folders they can act on. These groups will be
explained in the following sections.
Setting Up Security 20
FinancialOfficers
ExternalAuditors
InternalAuditors
In the case of the Executive Team, the sub-groups are merely organizational in nature.
However, by making them sub-groups of the Executive Team group, you gain the flexibility of
categorizing the Executive users by roles without adding complexity to your ACL definitions.
All of the sub-groups require the same access to the compliance object hierarchy - they only
need Read access in order to run reports and view individual objects from those reports. As an
organizational grouping, the ExecutiveTeam group will not appear in any ACLs directly - rather,
it will be added as a member of many other groups with read-only access.
Once you have created your Executive Team sub-groups, add the appropriate users to each
sub-group. Users should NOT be added directly to the ExecutiveTeam group - add them to a
sub-group instead.
Setting Up Security 21
Since the System team is responsible for modifying the entire object hierarchy, as well as
reports, projects, etc, they also need to be granted access at the highest level in the entity
hierarchy.
Once you have finished creating the SystemTeam sub-groups, add the System users to the
appropriate System user group, depending on their role.
Note: When looking at this group, you might be tempted to add the ExecutiveTeam group to
the SystemReviewer group. After all, they both need Read access to everything - why not? One
small reason - the Library business entity. As the blank template for any new Regions or Sites
that might be created, the SystemReviewers will need access to the Library. The
ExecutiveTeam group, however, does not want access to the Library, since they will not want to
include the Library objects in any reports they run. Dont forget that the scope of what you can
see determines the content of any reports you run. Reports will not include any objects you
cannot view.
Setting up the System team demonstrates the ability to use sub-groups to refine the
permissions and access levels within a specific organization.
Setting Up Security 22
You would create a set of groups for each region in your company (Region02Reviewers,
Region02Writers, etc.). Once you have completed creating a set of groups for each region and
added all of the users from the Regional Teams who belong directly to each group, it is time to
create the groups for each Site.
Just like at the Regional level, you would create a set of sub-groups for each site in each
Region. Although by this time we are probably creating a lot of groups, each group will only
have to be declared in an ACL once at the site level.
As you create the Site groups, you can add the users who belong directly to each group. Adding
groups to other groups will be handled in the next section.
Setting Up Security 23
7.
8.
Log into SOX Express as a user with the Access Control Lists application permission.
Click the Access Control link on the Action Menu and navigate to the business entity
folder where you wish to break inheritance (under the Default directory).
When you have found the desired folder, click the name of the folder to display the
Details page.
Click the Add button in the Access Controls table and choose the desired group or user
from the list.
Choose the desired permissions for the group or user by highlighting the appropriate
entries and click the OK button to add the new ACL to the folder.
Now that a valid ACL exists for the folder, click the Disable Inheritance button under
the Folder heading. The value of the Inherit ACL field is changed to false and the
Disable Inheritance button changes to Enable Inheritance.
Click Access Controls in the breadcrumb trail to return to the Access Controls folder
list.
Repeat this procedure for each business entity folder.
Note: Do not forget to modify the business entity folders under each compliance object
type in the ICDocumentation tree.
Setting Up Security 24
Lets follow one use case shown in the preceding diagram. The SystemWriters group becomes a
sub-group to the Region01Writers group (and the Region02Writers group, and so on). Then,
the Region01Writers group becomes a sub-group of the R01Site01Writers group (and the
R01Site02Writers group, etc.). The sub-groups of Region01Writers also become sub-groups of
R01Site01Writers through group inheritance. The effective members list of R01Site01Writers is
now:
R01Site01Writers
<writer1>
<writer2>
...
Region01Writers
(SystemWriters)
In the above example, SystemWriters is in parenthesis, because it isnt explicitly added to the
group - its included as a sub-group of the RegionalXXWriters groups. The same goes for the
ExecutiveTeam group; it is added to each of the RegionXXReviewers groups. Executives only
need Read access, so we dont need to add them to any other ACL classification.
Note: If you are using the Library paradigm, you do not want to add the ExecutiveTeam group
to the Library group. You dont want empty Library data included into the executive level
reports.
Now lets explore how we can use our nested groups to set our ACLs.
Setting Up Security 25
We dont need to specify the Region01Reviewers, Writers, or Directors - they are already
included as members of the R01Site01 groups!
In general, you only need to specify ACLs for different access control levels (Read, Write,
Delete, Associate) for business entity folders that contain non-business entity compliance
objects. For example, in our hierarchy, Regions only contain the sub-entity Sites - there are no
accounts, processes, etc. directly associated with a Region. Therefore, we dont have to create
ACLs for Region01Reviewers and the other ACL-specific groups at the Region level. In our
current example, heres the ACL list for Region01:
Heres are some general guidelines for whether or not to create an ACL for a user group on a
business entity:
If the business entity has accounts or processes associated with it, you need to create
an ACL for each entity-specific group (such as R01Site1Writers, etc.) with the correct
privileges.
When you create ACLs for a business entity, you must replicate the ACL for each
business entity folder underneath the ICDocumentation folder structure. For example,
you must create the same ACL list for the ICDocumentation/Accounts/Region01/
R01Site01 folder that you created for the BusinessEntities/Region01/R01Site01 folder,
and so on through each sub-folder structure under ICDocumentation (Accounts,
Processes, Risks, Controls, etc.).
Note: If no folder with the correct name exists, either there is no compliance object of
that type currently in the business entitys hierarchy, or a parent folders ACLs do not
include a group that contains the current user, preventing you from seeing the folder.
If a business entity only has sub-entities associated with it, you should not create
individual ACLs for the business entitys Reviewer, Writer, and Director groups. We will
deal with this in the next section,
Only one step remains - weve created the ACLs for our business entities, but when you log in,
you can only see the first level of your business entities! We now need to establish read
permissions in the business entities above our Site user groups, so that we can browse down to
the Site level and view our compliance objects.
Setting Up Security 26
4.
5.
6.
7.
The following sections will detail the steps required to configure SOX Express to work with an
external LDAP authentication source.
OPSystem
OPAdministrator (only if you are using this account)
SOXAdministrator (only if you are using this account)
Note: If you specify a password for the OPSystem account that is different from the one
installed by the product, you will need to complete Step Two to change the OPSystem account
password system-wide.
3.
4.
5.
6.
Find the line that contains the TWFServerPassword property and change the value to
the new OPSystem password.
Save your changes and exit.
Restart all services in order to enable the new password.
The only module that Openpages pays attention to is the module named Openpages.
Therefore, in this step we will modify the configuration file to change the name of the correct
LDAP authentication server module to Openpages, and then change the settings to reflect the
settings of your LDAP server.
To modify the configuration file:
1.
2.
3.
4.
5.
Specify the correct values for the following properties in the appropriate module:
provider.url - Change the value to the hostname and port number for the LDAP
authentication server.
base.dn - The top level of the LDAP directory tree structure (Domain Name) on
the LDAP server. If the users to be authenticated are located in multiple
locations within your Active Directory structure, you will need to list all of the
locations explicitly by using the distinguished names of the locations, each
separated by a semi-colon.
For example:
base.dn="DC=LDAPTesting,DC=local;CN=Users,DC=LDAPTesting,DC=local;
OU=Auditors,OU=External Auditors,OU=Staff,DC=LDAPTesting,DC=local"
user.attr.id - the attribute name of the user identifier (for example, uid, cn,
etc.)
Additional custom parameters can be added by preceding them with the prefix
ctx.env. (without the quotes).
For example, when using the Sun One Directory Server:
OpenpagesIP
{
com.openpages.aurora.service.security.namespace.LDAPLoginModule
required debug=false
provider.url="ldap://192.168.0.169:30429"
security.authentication="simple"
base.dn="DC=LDAPTesting,DC=local;OU=People,DC=LDAPTesting,
DC=local"
user.attr.id="uid"
ctx.env.your.param="paramvalue"
;
};
An example when using the Microsoft Active Directory server:
6.
7.
OpenpagesAD
{
com.openpages.aurora.service.security.namespace.LDAPLoginModule
required debug=false
provider.url="ldap://192.168.0.165:389"
security.authentication="simple"
security.search.user.dn="CN=Paul Smith,CN=Users,DC=LDAPTesting,
DC=local"
security.search.user.credentials="openpages"
base.dn="CN=Users,DC=LDAPTesting,DC=local"
user.attr.id="sAMAccountName"
;
};
When you are finished editing the file, save your changes and exit.
Restart all services.
Congratulations! You have configured the SOX Express system to use an external LDAP user
authentication server.
Note: When changing the encryption algorithm to 3DES, all user passwords will be reset to
0p3nP4g3s (first character is a zero), and users will need to change their passwords the next
time they log into the system. When changing the encryption algorithm from 3DES to OPCUSTOM, all passwords are unchanged.
Pre-requisites
The following tasks must be completed before running the UPEA tool.
There must be a properly installed and functioning SOX Express 3.0.4 system on the
machine.
All users must log off the system
A full backup of the OP/SOX database must be completed
All SOX Express services should be shut down except for OPAdminWLS. This ensures
that no users are logged onto the system during the password encryption update.
UPEA Syntax
UpdatePasswordEncryptionAlgorithm -Mode [CA|CK] -AlgorithmName [OP-CUSTOM|3DES]
[-ProviderName SunJCE -ProviderClass com.sun.crypto.provider.SunJCE] -Username
OPAdministrator -Password <OPAdministrator password> [-KeySize <length> ][-Port
<portnumber>] [-?]
Parameters:
Parameter
-Mode
Description
Specifies in which mode the tool should run. Possible modes
are:
CA - Change Algorithm Used to switch the encryption
algorithm from OP-CUSTOM to 3DES or 3DES to OP-CUSTOM
CK - Change Key Used to change the 3DES encryption key.
-AlgorithmName
-ProviderName
Parameter
Description
-ProviderClass
-Username
-Password
-Port
-KeySize
-?
The tool will display a message describing the changes it will make and ask for
confirmation. Type Y at the prompt and hit Enter to proceed.
Once the UPEA tool has finished, a success message will be displayed.
Restart all SOX Express services.
You (or the site administrator) must notify all users that their passwords have been
reset to 0p3nP4g3s, and that they will need to change their passwords the next time
they log into the system.
4.
5.
6.
The tool will display a message describing the changes it will make and ask for
confirmation. Type Y at the prompt and hit Enter to proceed.
Once the UPEA tool has finished, a success message will be displayed.
Restart the SOX Express services.
The tool will display a message describing the changes it will make and ask for
confirmation. Type Y at the prompt and hit Enter to proceed.
Once the UPEA tool has finished, a success message will be displayed.
Restart the SOX Express services.
Viewing Reports
Reports are accessed through the Reports link in the left-hand Action menu when you are
logged in to SOX Express. If you do not see the Reports link, your account does not have the
necessary privileges to view reports. If you feel that this is in error, please contact your SOX
Express Administrator for additional information.
To view a report:
1.
After logging in to SOX Express, click on the Reports link in the left-hand Action menu.
A page listing all of the available reports is displayed.
2.
Choose the report you wish to view and click the name of the report. A new window is
displayed.
If the report is scoped, you will be prompted to choose the business entity where you
want the report to run from. The report will use the selected business entity as the
starting point and limit the scope of the report to all compliance objects contained
below the entity.
If the report is not scoped, it will run as soon as you click the name of the report.
3.
4.
When you select a report to view, the report is generated in direct response to your request.
This allows you to see up-to-the-minute status of your IC documentation project.
Supplied Reports
Sarbanes-Oxley Express comes with a selection of pre-defined reports that allow you to quickly
view important information about your project. SOX Express contains the following supplied
reports (in alphabetical order):
Reports that are scoped by default are listed in italics.
Report Name
Description
Accounts by Category
Ad Hoc Tests
All Documentation
All Tests
Lists all tests and their associated controls under the selected
business entity.
Annual Tests
Lists all actions due in the next week that are less than 50%
complete.
Audit Overview
Lists all associated files that have been checked out from the
repository by their check out date. Dates are sorted in
ascending order from oldest to most recent. You must have the
Cancel Checkout application permission to view this report.
Lists all associated files that have been checked out from the
repository by file name for the specified reporting period. You
must have the Cancel Checkout application permission to view
this report.
Lists all associated files that have been checked out from the
repository by full path name for the specified reporting period.
You must have the Cancel Checkout application permission to
view this report.
Lists all the users who have files checked out from the
repository for the specified reporting period. You must have
the Cancel Checkout application permission to view this report.
Control Analysis
Lists for each business entity the number of controls that are
Unsigned, Signed, and Revoked, along with a summary of the
percent of controls signed off for each entity.
Controls - Account
Dashboard
Report Name
Description
Lists the number of controls for each business entity that are
Effective, Ineffective, or Undetermined. Also denotes
Progress - what percentage of controls for the account are
marked Effective.
Controls - Processes
Dashboard
Controls by Location
Controls by Performer
Disassociated Objects by
Name
Disassociated Objects by
Path
Lists all current issues with status of New and priority of High.
Incomplete Documentation
Ineffective Controls
Issues by Assignee
Lists all issues grouped by the user to which they are assigned.
Issues by Status
Milestones
Lists all milestones and project tasks for the current project.
Monthly Tests
My Tests - Performer
My Tests - Reviewer
Lists all action items less than 100% complete and past their
due date.
Process Surveys
Process Tree
Processes Signoffs by
Business Entity
Report Name
Description
Quarterly Tests
Signoffs - Processes
Dashboard
Test Notifications
Top-level Processes
Undetermined Controls
Understanding Reports
Reports are generated by combining Report Pages and Report Page Templates that provide
necessary information about the filtering and sorting of the report contents, as well as the
displayed name and description of the report.
Reports are represented in a publishing channel by a page template which lists the parameters
that the source file needs in order to create a report. A Report Page contains a set of values for
the parameters specified in the Report Page Template.
In this manner, a single Report Template can be supplied with multiple sets of values for its
parameters. This allows SOX Express to create multiple reports based on the same layout and
internal logic. Each Report Page represents a report as viewed in the SOX Express application.
These report files are contained inside the OpenPages repository. The OpenPages repository
handles the data storage and access capabilities for the SOX Express application. In order to
create, modify, or delete SOX Express reports, you must have an SOX Express account with
permission to modify publishing channels. If you are not sure whether you have access to this
functionality, please see your SOX Express Administrator for additional information.
Click on the Browse channels link under the Publishing heading in the left-hand
Action menu. This displays a list of the available publishing channels.
Note: If you cannot see the Publishing heading, you do not have the correct
permissions. See your SOX Express Administrator.
2.
Click the Reporting folder, then the SOX folder. A list of files and folders is displayed.
Each folder represents a report grouping in the SOX Express user interface. Each
Page file represents a SOX Express report.
Log in to the OpenPages web application as a user with the correct Reporting privileges.
Determine which existing report you want to use as the basis for your new report.
For example, if you want to add a new report that is a slightly tweaked version of the
existing Control Analysis report, you would want to use the report template that the
Control Analysis report is based on.
3.
Click on the Browse channels link in the Action menu and find the report you want to
create a modified version of. The SOX reports are listed in folders under the Reporting/
SOX directory.
4. Click the name of the report to view the Details page of the report.
5. Note the value of the Template field. You will need to make a copy of the referenced
template.
6. Click on the Browse Files link in the Action menu and navigate to the Reports folder.
7. Create a new folder under the Reports folder.
8. Navigate under the Reports/SOX folder structure and find the JSP with the same name
as the Template field you just saw.
9. Click the checkbox next to the JSP name and click the Copy To... button.
10. Choose the directory you created in step 7 and click OK to create a copy of the report
template in the target folder.
11. Click on the Browse channels link in the Action menu.
12. Navigate to the folder under the Reporting/SOX folder where you wish your report page
to be created.
Reports placed in the Reports/SOX folder will be displayed in the SOX Express report
list under the heading General Reports. If you wish to create a new heading for your
custom reports, create a new folder underneath the SOX folder.
For example, to create a new report grouping titled My Custom Reports on the
Reports page in SOX Express, create a folder in OpenPages and name it My Custom
Reports. Any reports you create in that folder will appear under that folder structure
on the Reporting page in SOX Express.
13. Click the Add Page button at the top of the window. The Describe page step is
shown.
14. Enter an informative name and description for the page. Make sure they accurately
describe the contents of the report. Note: You will not be able to change the name of a
report after it is created. You will have to delete the report and create a new one to
name the report something else.
15. Select the page template you will use to create the report. Each page template has a
different set of parameters that the report can sort and filter.
Choose the copied template you just created and click Next.
16. Depending on the page template you chose, you will now have to enter the sorting and
filtering information for the report. Supply the required information for the report and
click Apply. After you have applied the modifications, click Finish to create the new
report.
When you log into SOX Express, your report should be visible on the Report page.
After logging into OpenPages, click on the Publishing heading in the left-hand Action
menu.
Navigate to the report you wish to modify and click on the report name to display the
Details page.
Find the section containing the information you wish to change, and click the Edit...
button above the section. An editable version of the information is displayed.
Change the desired settings. If you are changing the parameter sorting information,
you will need to click Apply before clicking Save.
Note: You cannot modify the name of a report. In order to change the name of a
report, you must delete the mis-named report and create an identical report with the
new name.
5.
Deleting a Report
To delete an existing report:
1.
2.
After logging into OpenPages, click on the Publishing heading in the left-hand Action
menu.
Navigate to the report (page) you wish to delete and click the checkbox next to the
report name.
Note: Do not delete a page template! If a page template is deleted, all reports (pages)
based on that template are deleted as well.
3.
4.
Once the report is selected, click the Delete button at the top of the table. A
confirmation dialog is displayed.
Click OK to delete the report.
Log in to OpenPages as a user with the application permissions to create and modify
reports.
Click the Browse channels link in the Action menu and navigate to the page template
for the report you wish to modify.
3.
4.
5.
6.
7.
Click the name of the report template (page template) you wish to modify. The Details
page is displayed.
Click the Edit... button above the list of report parameters. The Edit Parameters applet
is displayed.
Click the name of the parameter that you wish to make interactive. The parameter
information is displayed at the bottom of the page.
Click the checkbox marked Interactive Value and click the Apply button on the righthand side of the page.
Repeat steps 5 and 6 for each parameter you wish to make interactive. When you are
finished, click the Save button at the bottom of the page.
The next time the report is run, the user will be prompted to enter a value for each field marked
as an interactive value.
Note: Reports with an interactive parameter named label are a special case and will not
display a dialog to enter a value for label. The label field is included to support reporting
periods and should not be modified.
Although any parameter type can be made an interactive value, at this time SOX Express only
supports three modes of entering values into the value fields when the report is run. The three
supported types are text entry fields, enumerated drop-downs, and file browsers. Unsupported
types may still be marked as interactive, but the value for the field must be entered manually
via a text string at run-time. A valid value must be entered into the value field for the report to
return the correct set of information.
Click on the Reports link in the SOX Express Action menu. A list of available reports is
displayed.
Navigate to the report you wish to run and click on the name of the report. If the report
contains interactive parameters, a dialog is displayed.
Enter the required information into the text fields.
Note: Although any parameter type can be made an interactive value, at this time SOX
Express only supports three modes of entering values into the value fields when the
report is run. The three supported types are text entry fields, enumerated drop-downs,
and file browsers. Unsupported types may still be marked as interactive, but the value
for the field must be entered manually via a text string at run-time. A valid value must
be entered into the value field for the report to return the correct set of information.
4.
After all of the required information has been entered, click the Next button to
generate the report based on the supplied information. The report is displayed in a new
window.
Usage Example
Note: The following example assumes that the Report Scoping Wizard has been installed and
that the All Documentation report has been configured to use the wizard.
A district manager logs into SOX Express and decides to run the All Documentation report to
find out how the internal controls documentation project is progressing for his district. Clicking
on the All Documentation report, he is presented with a hierarchical list of the available toplevel business entities to which he has access. He navigates the list of entities and selects the
sub-district he is interested in and runs the report. The displayed information is automatically
restricted to the sub-district he chose.
Scoping a Report
To create an interactive report that will be scoped when the report is run, you must complete
the following tasks:
Log in to the OpenPages application as a user with the proper Publishing permissions.
Click the Browse Channels link in the Action menu.
Navigate the channel folders and find the report page for the report you wish to hide.
Click the name of the page and note the template on which the report is based.
Move the page and the template it is based on to the Reporting\Hidden Reports channel
folder.
Note: If any other pages use the report template you are moving, you must also move
the other pages based on the template. Page templates and pages must maintain the
same relative locations to one another. If necessary, you can create sub-folders under
the Hidden Reports folder.
In the original location of the report you want to scope, click Add Page....
Type in the name of the new report and select the Scope Wizard Template as the report
template. Click Next to continue.
Note: If you have moved the original report to a new location (such as Hidden
Reports), you can name the new report the same name as the original. If you did not
move the original report, you will have to choose a different name.
3.
Click Browse... and select the report (pagespec) you want to scope. Click Apply to
modify the parameter, and Finish to create the new report.
You can now log in to SOX Express and run the new report.
Click on the Reporting Periods link in the left-hand Action menu. The Reporting
Periods page is displayed.
Click on the Add button at the top of the page. A new page is displayed.
Enter the necessary information into the correct fields and click Create to create the
new reporting period. You are returned to the Reporting Periods page and the new
reporting period is listed in the table.
After adding a new reporting period, the reporting period will be added to the Reporting Period
selection drop-down at the top of each overview and compliance object page.
3.
Modify the value of reporting.period.display.format to the desired format and save your
changes. For example, to create the following display period name:
Results for Quarter 3 in the year 2004
the necessary line in SOXCustomMessages.properties would look like:
reporting.period.display.format=Results for Quarter {0} in the year {1}
When the naming convention for reporting periods is modified, all reporting periods will adopt
the new naming scheme.
After changing the value of reporting.period.display.format, the SOX Express services must be
restarted to pick up the changed value.
Click on the Reporting Periods link in the left-hand Action menu. The Reporting
Periods page is displayed.
2. Select the checkbox next to the name of the reporting periods you want to delete.
3. Click on the Delete button at the top of the page. A confirmation dialog is displayed.
4. Click OK to delete the selected reporting period. You are returned to the Reporting
Periods page and the deleted reporting period is removed from the table.
Note: If you cannot delete a reporting period (you click the checkbox and the Delete button
does not activate), the deletion period for that reporting period has expired.
Creating a Ruleset
Compliance Object Resets are rule-based operations on the compliance objects in your SOX
Express repository. The rules that govern how a Reset will affect your data are contained in a
Ruleset. A Ruleset is a set of rules contained in an XML loader file that is created outside of SOX
Express. Multiple Rulesets can be included in a single XML file. The ruleset loader file is loaded
into the system through the Object Manager loader tool. Once the Ruleset is imported, it can be
selected during the Specify Options step of the Compliance Object Reset guided action.
Compliance Object Resets can modify compliance objects in three ways: modifying the value of
a property, deleting a compliance object, and disassociating two compliance objects.
When creating a Ruleset, you must know the bundles, properties, and property values you are
modifying and match them exactly. If you do not specify a valid property or property value, the
property will not be modified.
Note: Before creating a final Ruleset to use for your Reset session, it can be extremely helpful
to create simple Rulesets that contain a single rule from your final Ruleset. Running these
single Rulesets against a known dataset can verify the accuracy of each rule before attempting
a massive modification of your data.
Sample Ruleset
The following is a sample of how a simple Ruleset might look:
<?xml version="1.0" encoding="UTF-8"?>
<openpagesConfiguration xmlFormatVersion="1.20">
<ruleSets>
<ruleSet name="Quarterly Reset"
description="Rule set to be executed at the beginning of each
and every quarter"
type="Object Reset">
<rule name="Rule 1"
description="Property Update rule setting a property"
type="Property Update">
<propertyUpdateRule contentType="SOXControl">
<bundle name="SOXControl">
<property name="Design Effectiveness"
useDefaultValue="false">
<propertyValue name="Not Rated"/>
</property>
</bundle>
</propertyUpdateRule>
</rule>
<rule name="Rule 2"
description="Property Update rule setting a collection of
properties (including a multi-valued one)."
type="Property Update">
Administering SOX Express
<propertyUpdateRule contentType="SOXRisk">
<bundle name="SOXRisk">
<property name="Assertions"
useDefaultValue="false">
<propertyValue name="Existence"/>
<propertyValue name="Rights and Obligations"/>
</property>
<property name="Impact"
useDefaultValue="false">
<propertyValue name="Unknown"/>
</property>
</bundle>
</propertyUpdateRule>
</rule>
<rule name="Rule 3"
description="Object Delete rule"
type="Object Delete">
<objectDeleteRule contentType="SOXTestResult"/>
</rule>
<rule name="Rule 4"
description="Object Delete rule with criteria"
type="Object Delete">
<objectDeleteRule contentType="SOXIssue"/>
<criteria logicalOperator="or">
<criterion bundle="SOXIssue"
property="Status"
operator="=">
<propertyValue name="Closed"/>
</criterion>
</criteria>
</rule>
<rule name="Rule 5"
description="Object Disassociate rule"
type="Object Disassociate">
<objectDisassociateRule parentContentType="SOXRisk"
childContentType="SOXDocument"/>
</rule>
</ruleSet>
</ruleSets>
</openpagesConfiguration>
<openpagesConfiguration>
Description: Progenitor tag for the loader file contents. All other tags are contained within the
<openpagesConfiguration> tag.
Parent Tags: None.
Child Tags: <ruleSets>
Syntax:
<openpagesConfiguration xmlFormatVersion="1.15">
</openpagesConfiguration>
Attributes:
Attribute
xmlFormatVersion
Description
Version of the OpenPages XML DTD.
<ruleSets>
Description: Container tag for one or more ruleSet tags.
Parent Tags: <openpagesConfiguration>
Child Tags: <ruleSet>.
Syntax:
<ruleSets>
</ruleSets>
Attributes: None.
<ruleSet>
Description: A ruleset is a collection of rules that will be executed when the ruleset is selected
during a Reset session. Each ruleset is displayed in the SOX Express user interface as a
separate entry in the list of Rulesets.
Parent Tags: <ruleSets>
Child Tags: <rule>
Syntax:
<ruleSet name=Name
description=Description
type=Object Reset
</ruleSet>
Attributes:
Attribute
Description
name
description
type
The type of ruleset. Currently, there is only one type Object Reset.
Administering SOX Express
<rule>
Description: Each <rule> tag contains a single rule that will be applied to the SOX Express
data when the ruleset is selected and a Reset session is initiated.
Parent Tags: <ruleSet>
Child Tags: <propertyUpdateRule>, <objectDeleteRule>, <objectDisassociateRule>,
<criteria>
Syntax:
<rule name=Name
description=Description
type=[Property Update|Object Delete|Object Disassociate]
</rule>
Attributes:
Attribute
Description
name
description
type
<propertyUpdateRule>
Description: The <propertyUpdateRule> tag defines a rule that modifies the value of an
existing property on a certain object type. Unless modified by the use of the <criteria> tag
within the same <rule> tag, all objects of the specified object type within the scope of the
Reset will be updated.
Parent Tags: <rule>
Child Tags: <bundle>
Syntax:
<propertyUpdateRule contentType=>
</propertyUpdateRule>
Attributes:
Attribute
contentType
Description
Specifies the content type that the rule will be applied
to. Must match a valid SOX Express content type.
<bundle>
Description: The <bundle> tag specifies which bundle contains the property to be modified.
Parent Tags: <propertyUpdateRule>
Child Tags: <property>
Syntax:
<bundle name=
</bundle>
Attributes:
Attribute
Description
name
<property>
Description: The <property> tag is used inside a <bundle> tag to specify the property that
will be updated.
Parent Tags: <bundle>
Child Tags: <propertyValue>
Syntax:
<property name=>
useDefaultValue=[true|false]
[<propertyValue>
<propertyValue>]
</property>
Attributes:
Attribute
Description
name
useDefaultValue
<objectDeleteRule>
Description: The <objectDeleteRule> tag is used to specify an object type for deletion. Unless
modified by the use of the <criteria> tag within the same <rule> tag, all objects of the
specified object type within the scope of the Reset will be deleted.
Parent Tags: <rule>
Child Tags: None.
Syntax:
<objectDeleteRule contentType=/>
Attributes:
Attribute
contentType
Description
Specifies the object type to be deleted. All objects of
this type within the scope of the Reset are deleted.
<objectDisassociateRule>
Description: The <objectDisassociateRule> tag is used to disassociate a compliance object
type from another compliance object type. If you use the <criteria> tag with this rule type, the
criteria must be based on the childs property values. You cannot base a rule on properties or
property values belonging to the parent content type.
Parent Tags: <rule>
Child Tags: None.
Syntax:
<objectDisassociateRule parentContentType=
childContentType=/>
Attributes:
Attribute
Description
parentContentType
childContentType
<criteria>
Description: The <criteria> tag is used to refine the behavior of a rule by specifying the
standards that need to be met in order to invoke the rule. The criteria tag can contain one or
more <criterion> tags that will be judged when deciding whether to apply the rule to a specific
compliance object. It should be noted that criteria can only be applied in a positive manner that is, if the criteria are met, the rule will be used. You cannot specify a rule where if the
criteria are met, the rule is NOT applied.
Parent Tags: <rule>
Child Tags: <criterion>
Syntax:
<criteria logicalOperator=[and|or]>
Attributes:
Attribute
Description
logicalOperator
<criterion>
Note: It is strongly recommended that you use a maximum of three criterion within a single
<criteria> tag. Adding additional criterion will increase the processing time required to
complete the Reset.
Description: The <criterion> tag allows the user to specify a property and value(s) that must
match the evaluation specifications set in the <criterion> tag.
Parent Tags: <criteria>
Child Tags: <propertyValue>
Syntax:
<criterion bundle=
property=
operator=[=|<>|<=|<|>|>=|like]
<propertyValue=/>
[<propertyValue=/>]
</criterion>
Attributes:
Attribute
Description
bundle
property
Attribute
operator
Description
Specifies the manner in which the value of the property
will be evaluated. Valid operators are equal (=), not
equal (<>), greater than (>), less than (<), greater or
equal to (>=), less than or equal to (<=), and like.
Only the equal, not equal, and like operators can be
used with string variables.
Note: The like parameter allows the use of wildcards
in the <propertyValue> tag. These wildcards consist of
the % and _ symbols, which are passed to a SQL
database query against the Oracle database. The
percent mark (%) symbol is used to represent any
number of characters in a location, while the
underscore (_) character is used to represent any
single character in a location.
The usage is consistent with the use of wildcards in a
SQL where clause. See your SQL documentation for
additional information, if needed.
<propertyValue>
Description: The <propertyValue> tag performs two functions, depending on its location. If
the <propertyValue> tag is contained inside a <property> tag, it specifies the new value (or
values) for the updated property. If the <propertyValue> is contained inside a <criterion> tag,
it specifies the relevant property to be considered when applying the criteria.
If you are modifying a enumerated string (drop-down) property that is multi-selectable, you
can place multiple <propertyValue> tags inside the <property> tag. When the rule is
processed, all of the <propertyValue> tags will be evaluated, and the property will be modified
to select all of them.
Parent Tags: <property>, <criterion>
Child Tags: None.
Syntax:
<propertyValue name=/>
Attributes:
Attribute
name
Description
Specifies the value of the property. See the description
of the <propertyValue> tag for details.
Log into the server machine and navigate to the following directory.
<bea-home>\config\OpenpagesDomain
Run the following command on a single line:
ObjectManager load config OPAdministrator <password> <path-to-rulesetxml-file> <file-identfier>
where
<password> is the password to the OPAdminstrator user account.
<path-to-ruleset-XML-file> is the full path to the ruleset file you created.
<file-identifier> is the portion of the ruleset file name preceding -op-config.xml. For
example, if you created a ruleset file called ruleset-op-config.xml, the <fileidentifier> in the ObjectManager command would be ruleset.
3.
The ruleset is now loaded. If you have created multiple ruleset files, repeat this
procedure for each of them.
Updating a Ruleset
If you load a ruleset with the same name as an already-loaded ruleset, the ruleset will be
overwritten with the new rules. To return to an earlier version of the ruleset, you would have to
re-load the original ruleset loader file. Rulesets are not version-controlled.
Logging Level
This parameter controls how much information is displayed in the user interface. The line in
sosa.properties is scor.option.logging.level. The possible values are:
No matter which option is chosen, the same amount of information is logged during the Reset
session. The Logging Level setting only controls how much of the logged information is
displayed on the Log page.
The default value for the scor.option.logging.level parameter is High.
the
the
the
the
the
The table also has an Add New button that can be selected to start a new Reset session. For
more information on starting a new Reset session, see Starting the Compliance Object Reset
on page 57.
Log into the SOX Express system as a user with the Object Reset application
permission.
Note: If you have chosen to obey ACL restrictions, the user must have the permissions
to modify the objects within the scope of the Reset. If the user does not have sufficient
permissions, warning messages will be generated in the log, and the compliance
objects will not be modified.
2.
Click the Object Reset link under the Administration heading in the Action menu.
The Compliance Object Reset page is displayed.
3. Click the Add button at the top of the table to create a new Reset. The Specify Options
page is displayed.
4. Enter a name and description for the new Reset.
5. Select a Ruleset from the dropdown list of available Rulesets. The chosen Ruleset will
be used for the new Reset.
6. Click Next to display the Reset Scope page.
7. Choose the Business Entities to which the Reset will be applied by selecting the
checkboxes next to the entity names. Once you have selected the Business Entities,
click the Start Reset button to begin the Reset.
8. A confirmation warning dialog is displayed. If, after reading the warning, you wish to
begin the Reset, click Ok. The Reset begins, and the Compliance Object Reset page is
displayed.
Initiated - The Reset has been initialized, and is preparing to modify your data.
In Progress - The Reset is currently modifying the selected data.
Completed - The Reset finished successfully. Depending on whether the Reset was set
to continue on errors, some errors may be reported in the Session Log.
Failed - The Reset did not finish, because errors were encountered. Check the Session
Log for details on what errors occurred.
Administering SOX Express
Continue on Error - Whether the Reset Session will log errors and continue to run, or whether
the error will be logged and the session will halt. Value will either be true or false.
Check ACLs - Whether the Reset occurs against all compliance objects contained within the
scope of the Reset session, or whether the Reset occurs against only those objects that the
user who initiated the Reset has access to. It can have a value of true or false.
Ignore Locks - Whether existing locks on compliance objects are honored when running the
Reset. A value of true means that locks were ignored when running the Reset, and a value of
false means that locked objects were modified by the Reset.
Error Messages
The Error Messages section contains the details of any errors encountered by the Reset.
Warning Messages
The Warning Messages section contains any warning messages generated by the Reset.
Informational Messages
The Informational Messages section captures the running details of the Reset - the number of
successful operations, details on the preparation steps that occur during the Initializing phase,
and a summary of the number of errors encountered during the Reset.
Additional Information
For a complete explanation of jobs and job types, see the Working with Jobs and Job Types
chapter of the OpenPages User Manual.
For an explanation of enabling job types for a specific type of compliance object, see the
Enabling A Job Type section of the Openpages User Manual.
For instructions on configuring your jobs and administering some of the advanced features of
the SOX Express workflow capabilities, see the Configuring SOX Express chapter of the SOX
Express Administrators Manual.
From the Home page, click on the appropriate link in the Action menu for the
compliance object type (Account, Process, etc.) where you are starting a job.
Navigate to the compliance object(s) for which you want to start a job.
Click the checkbox next to the desired compliance object. If you select multiple
compliance objects, a job will be started for each object.
Click the Submit button. The Submit for Approval page is displayed. If the Submit
button is not available, no jobs have been enabled for this type of compliance object.
Fill in the description and a due date (if any) for the job and click Submit to start the
job.
Configuring
SOX Express
This chapter provides information about administering the SOX Express
application, including adding and removing SOX Express users, report
administration, and adding custom fields to SOX Express compliance
objects.
This chapter contains the following topics:
Prerequisites
The following software is required to use the Backup/Restore Utility:
Additional Information
Generated Files
Backup Log File
The backup process creates a log file, which is identified by a unique name in the <backupdirectory-name> folder. Each time you run the OPBackup command a separate log file is
generated.
Backed-Up Content
The backup process creates a zip file in the <backup-directory-name>directory. This zip file
contains the necessary backed up data files including the database dump file. This file may be
used as a parameter to the OPRestore command to restore the installation-specific SOX files
and the database. Each time the OPBackup command is run, a separate zip file is created and
each data file is identified by a unique name.
Usage Notes
The OPBackup command uses the Oracle exp command to export the database.
The OPBackup command stops all OpenPages and SOX Express services before
performing any backup operation. It restarts the services when the backup activities
are complete.
sosa.properties
webapp.proerties
configTileDefintions.xml
SOXCustomMessages.properties
<backup-file-name> is the name of the backup file (without the .zip file
extension)
<path-to-backup-location> is the full path of the folder where the backup file is
located
Additional Information
The restore process creates a log file identified by a unique name in the <backupdirectory-name> folder. Each time you run the OPRestore command, a separate log
file is created.
The OPRestore command uses the Oracle imp command to import the database.
Setting Name
Description
autonaming.sox.<objecttype>.autonamed
autonaming.sox.<objecttype>.editable
autonaming.sox.<objecttype>.format
autonaming.sox.<objecttype>.parent.default
For example, the settings for the Business Entity compliance object type could look like this:
autonaming.sox.SOXBusEntity.autonamed = false
autonaming.sox.SOXBusEntity.editable = false
autonaming.sox.SOXBusEntity.format = %P;_BUSE_%N3;
autonaming.sox.SOXBusEntity.parent.default = ORPHANED
In the above example, Business Entities would not be autonamed. If we change the value of
autonaming.sox.SOXBusEntity.autonamed to true, as below:
autonaming.sox.SOXBusEntity.autonamed = true
autonaming.sox.SOXBusEntity.editable = false
autonaming.sox.SOXBusEntity.format = %P;_BUSE_%N3;
autonaming.sox.SOXBusEntity.parent.default = ORPHANED
New Business Entities would be created with automatically generated names. These names
would not be able to be edited during the creation process (or afterwards).
Variable
Meaning
%P;
%U;
%Nn;
In addition to the variables, you can include any valid text as well in the autoname. The name
of a compliance object must be 252 characters or less and cannot contain any of the following
characters:
'/',':','*','\', '"', '<','>','!', '#', '%', '?', '|'
(slash, colon, asterisk, backslash, double quote, less than, greater than, exclamation point
(bang), pound, percentile, question mark, pipe)
Naming Examples
Here are some examples of the various ways the variables can be used:
If we use a parent Process of Hiring Practices and a creator of JSmith, and the following
settings in sosa.properties:
autonaming.sox.SOXRisk.autonamed = true
autonaming.sox.SOXRisk.editable = false
autonaming.sox.SOXRisk.format = %P;_RIS_%N7;
autonaming.sox.SOXRisk.parent.default = ORPHANED
The autogenerated name would be Hiring Practices_RIS_0000001
Example 1:
For the autonaming format parameter
autonaming.sox.SOXRisk.format = %P;-Risk-%N5;
the generated Risk name would be Hiring Practices-Risk-00001.
Example 2:
Given a different autonaming format parameter, such as
autonaming.sox.SOXRisk.format = Risk %N3; for %P; (%U;)
would result in the generated name Risk 001 for Hiring Practices (JSmith)
Example 3:
Not all of the variables need to be used in an autogenerated name. For example,
autonaming.sox.SOXRisk.format = Risk %N4;
results in Risk 0001
Example 4:
If the risk HAD no parent process, the value of autonaming.sox.SOXRisk.parent.default would
be used. In this case, the value
autonaming.sox.SOXRisk.format = %P;_RIS_%N7;
results in ORPHANED_RIS_0000001
Manual Signatures
Manual signatures are added on the Details page of a compliance object. The Signatures table
has an Add button and a Revoke button at the top of the table. Users without the ability to add
signatures to a compliance object will not see the buttons.
In order to add a signature to an object, the user must have write permissions to the object.
2.
3.
Find the line that corresponds to the compliance object type you want to enable
signatures for. The lines for the different types are:
sosa.signature.permission.add.businessentity=
sosa.signature.permission.add.account=
sosa.signature.permission.add.process=
sosa.signature.permission.add.controlobjective=
sosa.signature.permission.add.risk=
sosa.signature.permission.add.control=
sosa.signature.permission.add.test=
Add the name of the group you want to be able to add a signature to the end of the
line. Multiple groups are separated by commas. There cannot be a space after the
comma.
For example, to add the groups Auditors and Managers to the signoff list for processes,
the modified line would look like:
sosa.signature.permission.add.process=Auditors,Managers
Members of the two groups would then be able to add signatures to processes and
subprocesses.
4.
5.
6.
Repeat the process for each group and compliance object type you want to set up.
Save the changes to sosa.properties and exit the text editor.
Restart the SOX Express server to activate the new settings.
2.
3.
4.
5.
6.
Repeat the process for each group and compliance object type you want to revoke.
Save the changes to sosa.properties and exit the text editor.
Restart the SOX Express server to activate the new settings.
Automatic Signatures
Automatic signatures are applied to a compliance object as a result of a workflow task. A user is
assigned a task to create a signature. Completing the task results in a signature dialog box.
Once the user fills out the dialog, the new signature is created on the compliance object.
For instructions on setting up automatic signatures, see Enabling Signatures for SOX Express
Jobs on page 73.
Cascading Signatures
When a compliance object has a signature added to it, SOX Express provides the ability to
automatically apply the signature to all of the associated objects underneath the signed object
down the entire object tree. For example, signing a process would apply that signature to any
sub-processes, accounts, risks, controls, and tests associated with the process. This feature is
turned off by default, but can be enabled through the sosa.properties file.
To enable or disable cascading signatures for a compliance object type:
1.
2.
3.
4.
5.
6.
The SOX Express user who is responsible for starting jobs must have the Start Jobs
application permission.
The job type to be started must be owned by the SOX Express user or a group to which
the user belongs.
Enabling a job type to be started from a compliance object requires access to OpenPages. Make
sure you have an OpenPages user name with the Manage Job Types application permission
when attempting to enable a job type.
Log into the OpenPages server with a user name that has privileges to start and edit
jobs and job types.
Click the My Jobs link in the Action menu. The My Jobs page is displayed.
Click the View Job Types button at the top of the page. A list of Job Types is
displayed.
Choose the job type you wish to enable and click its name. The Job Type Details page is
displayed.
Click the Edit... button on the Properties table. The Edit Job Type Properties page is
displayed.
Click New and add a new Single File property with the name of the SOX Express
compliance object type for which you want the job type activated. The name of the
compliance object type must match a value in the following table and is case-sensitive.
Note: You do not need to specify any values except for the name of the property.
Content Type
Compliance Object
SOXAccount
Accounts
SOXBusEntity
Business Entities
SOXControl
Controls
SOXControlObjective
Control Objectives
SOXDocument
Associated Files
SOXProcess
Processes
SOXRisk
Risks
SOXSubaccount
Sub-Accounts
SOXSubprocess
Sub-Processes
SOXTest
Control Tests
7.
Add a Single File property for each compliance object type you wish to enable. When
you are finished adding properties, click Save to save your changes and return to the
Job Type Details page.
Jobs of the selected job type can now be associated with compliance objects of the type
specified in each Single File property.
Plan out the needed user roles and names for the job type.
Modify the job type and add the correct properties.
Set up a Custom Java Action Set to extract the user names and insert them into the
proper places in the tasks.
Create custom fields in the SOX Express object for the user names.
Planning Ahead
Before beginning the job type modification procedure, plan out what user roles and
assignments you will need to define. This is best done ahead of time.
Before you begin to make your changes, you should know in which field the name of the task
owner will be stored, and what the name of that field will be.
For our example, we will create a Reviewer role, and the field containing the name of the user
will be Process Reviewer.
In this procedure, we will create two new properties for the Job Type. These properties are
named TaskOwner and PropertyName. TaskOwner is where the retrieved name of the
assignee will be stored, and PropertyName identifies the field name where the name of the user
will be found. You will need to create these properties for any job where you wish to use
automatic user assignment.
To modify the job type:
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
From the Home page, click on the My Jobs link in the Action menu. The list of currently
active jobs is displayed.
Click the View Job Types button at the top of the screen. A list of job types is
displayed.
Click the name of the job type you wish to modify. The Job Type Details screen is
displayed.
Click the Edit button under the Properties section, The Edit Job Type Properties screen
is displayed.
Click the New button on the right-hand side of the page.
Select Single File from the dialog box and click Ok.
Enter the compliance object type which this job will be activated from. For a list of
compliance object types, see the section Enabling a Job Type on page 71.
If you wish to enable the job for more than one compliance object type, repeat steps 5
through 7 for each object type.
Click the New button on the right-hand side of the page.
Select Simple String from the dialog box and click Ok.
Enter TaskOwner as the name of the property and a valid group name for the Default
Value and click the Apply button. The property is added to the list of properties for the
job type.
Repeat steps 9 and 10, and enter PropertyName into the Name field, and the name of
the property field where you will set the user name into the Default Value field. (For our
example, Default Value would be set to Process Reviewer.)
Click the Apply button to add the PropertyName property to the list of properties.
Click Save to save your changes and return to the Job Type Details page (or the Edit
page, if you are currently creating a new Job Type).
From the Details page of the job type you want to modify, click the Edit button in the
Tasks table. The Edit Tasks page is displayed
Note: You do not need to complete Step 1 if you are currently creating the job type.
Click Next from the Edit Job Type Properties to display the Edit Tasks page.
2.
3.
4.
Click the Java Action Sets button on the right-hand side of the shortcut bar. The
Define Java Action Sets dialog box is displayed.
Click the New button to display the Define Java Action Set dialog.
In the Name field, type GetOwnerSet and click the New button to create a new Java
Action.
5.
6.
7.
8.
Fill out
Right-click on the task to be assigned and select the Properties menu choice. The Task
Properties dialog is displayed.
Click the Actions tab and select GetOwnerSet for the value of Upon reaching this
node: .
Click the General tab and select <TaskOwner> as the Assigned To value.
Click OK to return to the Edit Tasks page.
Click Save to save your changes and return to the Job Type Details screen.
Log into the OpenPages application as a user with the Manage Job Types permission.
Click on My Jobs in the Action Menu to display a list of all of your running jobs.
Click on the View Job Types button to display a list of job types.
Click the name of the Job Type you wish to edit to display the Job Type Details page.
Under the Tasks section, click the Edit button to view the Create Tasks page for the job
type.
6.
7.
8.
9.
10.
11.
12.
13.
Right-click the name of the task to which you want to add a report and click the
Properties menu selection. The Edit Task Properties page is displayed.
Click the Publishing tab to display the publishing settings for the task. This tab
displays a list of the reports that will be attached to the task when the task is reached.
Click the Add button to display a file browser.
Navigate to the folder containing the report page you wish to attach to the task. Click
the name of the folder to display the contents in the right-hand pane.
Select the report(s) you wish to attach to the task. Control-click to select multiple
reports within a single folder.
Click OK to add the reports to the task and return to the list of attached reports. The
selected reports are now listed in the window.
Once you have added all of the reports you want, click OK on the bottom of the page to
close the Edit Task Properties window and return to the Create Tasks page.
Click Finish at the bottom of the Create Tasks page to save your changes.
Log into the OpenPages application as a user with the Manage Job Types permission.
Click on My Jobs in the Action Menu to display a list of all of your running jobs.
Click on the View Job Types button to display a list of job types.
Click the name of the Job Type you wish to edit to display the Job Type Details page.
Under the Tasks section, click the Edit button to view the workflow diagram for the job
type.
Right-click the name of the task that has the report you want to delete and click the
Properties menu selection. The Edit Task Properties page is displayed.
Click the Publishing tab to display the publishing settings for the task. This tab
displays a list of the reports that will be attached to the task when the task is reached.
Select the name(s) of the report you are removing and click the Remove button.
Once you have removed the desired reports, click OK on the bottom of the page to
close the Edit Task Properties window.
Click Finish at the bottom of the Create Tasks page to save your changes.
No attempt to validate that the job property and interactive report parameter are the
same data type (e.g. string, file path, enumerated list)
If a single interactive parameter matches the name of a job property, the user will not
be prompted to provide values for any other interactive parameters. If they do not
match job properties, they will be submitted to the report with blank entries. This may
cause the report to fail, depending on the report parameter.
Exposes the information about the nesting relationship between parent and child
objects in the relationship tables (also known as roll-up tables and transitive closures).
The OP Exporter tool does not preserve this information, making it challenging to create
generic drill-down reports.
Presents multi-valued properties as separate tables, as opposed to a single commaseparated list (a multi-valued roll-up). Presenting information in a single list makes
searching for objects that fall into more than one category more complex and requires
editing the filtering considerations by hand.
Accounts and sub-accounts, as well as processes and sub-processes, are treated as
separate content types (reflecting the actual object hierarchy in SOX Express). The OP
Exporter blended each set together and exposed them as a single content type.
Removes extraneous information from the master relationship table
(SX_ASSOCIATION). The OP Exporter required additional columns to be present in the
master relationship table (such as parent name, description, and loop-back URL).
Removes unnecessary self-to-self relationship tables that are only required for nested
compliance objects of the same type.
Changed the syntax of the nesting path value to a concatenated list of the names of all
the superior objects of the same type from top to bottom, and the name of the object
itself. The OP Exporter did not include the name of the object itself, causing top-level
objects to have a value of NULL.
RPT_OBJECTS
The RPT_OBJECTS table is used to register the names of the database objects that
represent resources corresponding to registered content types. It also defines that
physical types of the database objects - views, materialized views, or tables. It allows
specifying tablespaces to store the database objects and their indices.
RPT_OBJ_COLUMNS
The RPT_OBJ_COLUMNS table is used to define the mapping between the properties
associated with a content type and the database object columns representing them,
column aliases, and and their physical order. It also allows the defining of functionbased columns by specifying the data transformation of the property values by means
of the supported macro keywords or a user-supplied function.
RPT_RELATIONS
The RPT_RELATIONS table is used to register object-to-object relationships. Database
objects representing relationships can be either materialized views or tables, depending
on the type of the master object. It can also specify column aliases for the parent and
child identifiers.
RPT_LEVEL_LABELS
The RPT_LEVEL_LABELS table is used to assign a string label to a particular level in the
hierarchy of jobects of the same type. For example, business entities can be nested,
and assigning a label to each level of nesting (Division, Department, Workgroup, etc.)
allows a better sense of level than Level 3 Entity.
The following diagram represents the relationship of the configuration tables.
ReportingSchema_ProcessCentric_Delta.sql
Note: The ReportingSchema_ProcessCentric_Delta.sql script only needs to be run the first time
you load the configuration into the reporting schema. Subsequently, it will only need to be run
if the schema of the SOX Express is modified in some way.
Naming Restrictions
When customizing your schema configuration or contents, the following naming restrictions
must be followed: Object (table, view, or materialized view) and column names must be 30
characters or less and must be valid Oracle names (containing only alphanumeric characters,
dollar sign($), hashes(#), and underscores(_).
Mixed case names, names containing spaces, and international characters are not supported.
Object names must be unique in the application user schema. Column names must be unique
within the scope of a single object.
[FriendlyName] - applies to the resource name, resulting in the original resource name
with the extension removed.
[SoxUrl<;hostname:port>] - applies to the resource ID, resulting in the URL to view
the resource properties (the Details page) in the SOX Express user interface.
Note: If the hostname and port information is omitted, the SoxUrl defaults to
localhost:7009. If you are using third-party reporting tools such as CommandCenter
or Crystal Reports, you must modify the macro to explicitly specify the host server
name and port of the SOX Express application server. For load-balanced configurations,
you can specify different values in the hostname and port for different content
types.
If any of the columns for a given content type use one of the Nesting* macros, the resulting
database object will contain a level-based hierarchy representation, where each level of nesting
is represented by a column. The extra columns are named according to the level labels defined
for the corresponding content type.
If no level labels were defined for a given level, the column will be named as LEVEL<#> (e.g.
LEVEL1, LEVEL2, etc.)
Note: It is strongly recommended that you define level labels to accommodate the expected
depth of object nesting for a given implementation, because the algorithms that populate the
reporting schema rely only on the configuration data and do not validate whether the real data
has additional levels of nesting than were originally declared.
The following picture shows a table with the nesting and level-based hierarchy columns:
Synchronization Control
Because during the reporting schema refresh database objects can be dropped and created,
this operation is implemented as a single instance task. To enforce that no more than one
refresh operation can be executed at any given time, the RPT_LOCK table is used.
As the reporting schema refresh and the compliance object reset operations both use and
modify a common subset of the database objects (namely the NODES table and the
EFFECTIVE_RIGHTS materialized view), those operations cannot be executed at the same time.
The RPT_LOCK table can be used to verify if reporting schema refresh is in progress and its
current status. If refresh is being executed, the table will contain a single record, otherwise the
table will be empty. For more information about the table layout and usage sample refer to the
diagram below:
The following is an example of checking for the currently running reporting schema refresh jobs
and their status using SQL*Plus:
column
column
column
column
column
Open a command prompt on the database server machine and navigate to the location
of the Export-Reporting-Schema.cmd command file.
Execute the Export-Reporting-Schema.cmd file with the following syntax:
Export-Reporting-Schema.cmd
<OracleUserName> <OracleUserPassword> <OracleSID> <NLS_LANG>
where:
<OracleUserName> is the name of the Oracle user account used by the SOX Express
application to connect to the database. This is a required parameter.
<OracleUserPassword> is the password of the Oracle user account. This is a
required parameter.
<OracleSID> is the Oracle instance system identifier or service name. This is a
required parameter.
<NLS_LANG> is the national language setting to be used for the data export session.
This is a required parameter.
Note: In order to run the export command successfully, SQL*Plus and the Oracle EXP utility
must be installed on the Oracle database server.
After completion, the command line utility creates four files:
config.xml
config.xml.keep
aurora.properties
autoexnt.bat
op-backup-recovery.env
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
Log onto the application server and stop all the SOX Express application services except
OPAdminWLS.
2. Log into the BEA WebLogic administration console (http://<servername>:7001/
console).
3. Select the Compatibility Security|Users option in the left-hand menu.
4. On the Users screen, there is an option to change the password.
5. Enter system (without the quotes) into the Name field.
6. Enter the current system password in the Old Password field, and the new password in
the New Password field.
7. Click the Change button to save your changes.
8. A link titled Click here to save these changes to the realm implementation. will appear
in the upper right of the Users window. Click the link to save the changes to the realm.
9. A confirmation dialog will appear. Click Continue and close the Administration Console.
10. Navigate to the \bea\weblogic81\config\OpenpagesDomain directory and open the
boot.properties file using a text editor
11. Set password to the new password in clear text. This will get encrypted the next time
the server starts.
2.
3.
4.
5.
6.
Shut down the OPAdminWLS service. (This assumes that the other services are already
stopped from changing the password in WebLogic. If the other SOX Express services
are running, shut them down also.)
Navigate to the <WL_HOME>\config\OpenpagesDomain directory.
Edit the following files:
startWebLogic.cmd
startPublishwebServer.cmd
startOPAppServer.cmd
startSOSAServer.cmd
In each file, find the following line:
set WLS_PW=<old-password>
Replace the old password with the new system password for WebLogic.
set WLS_PW=<new-password>
In each .cmd file, change the password parameter in the JAVA command to reflect the
new password:
-Dweblogic.management.password=<old-password>
to
7.
8.
-Dweblogic.management.password=<new-password>
Finally, edit the password.ini file and change the old password to the new one.
Restart the SOX Express services.
88
4
Modifying SOX Express
Behavior
This chapter provides information about administering the SOX Express application, including
adding and removing SOX Express users, report administration, and adding custom fields to
SOX Express compliance objects.
This chapter contains the following topics:
Compliance objects below the removed object type will not be displayed - think
carefully before removing an object type from an overview page.
Any changes to the Overview pages are applied to everyone in the system. There is no
way to restrict the modified view to a certain sub-set of users. All users will see the
same modified Overview page.
The custom definitions for the three Overview pages are kept in the configTilesDefinitions.xml
configuration file, located in the config\OpenpagesDomain\applications\sosa\WEB-INF directory
of your SOX Express installation.
You must have write access to the OpenPages server machine in order to modify the
configuration file.
Note: When modifying an Overview page, restrict your modifications to the
configTileDefinitions.xml file. This file overrides the default definition and will not be overwritten
during an upgrade procedure.
To modify an Overview page:
1.
2.
3.
4.
5.
6.
Repeat the above steps for each overview page and save your changes. You must
restart the SOX Express server for the changes to take effect.
the affected compliance object - Which compliance object or objects will the new field
be added to?
the name - How will the new field be identified?
the label - What text will be displayed on the Details screen? This information will also
appear when adding and editing a compliance object.
the property type - What form input element (text field, text area, drop-down, etc.) will
be used to capture the data?
Add Bundle
Button
3.
Click the Add Bundle... button. The Describe Property Bundle page is displayed.
4.
Enter a name and description for the property bundle in the respective fields.
For our example, the new custom property bundle will be called CustomFields. We will
use this name for the new property bundle in future steps. Replace CustomFields with
your property bundle name as necessary.
5.
New Button
Property
Definition
Area
6.
Initially, there are no properties defined for the bundle. To start defining properties,
click the New button. The Select Property Type page is displayed in a pop-up window.
The Select Property Type page enables you to select the type of information that the
property is going to contain.
For explanations of the different property types, access the online help or the
Openpages 5.0 User Manual.
7.
Select the desired property type and click the OK button. The Define Properties page is
displayed with new controls available and active in the property definition area.
For our example, we will choose the Simple String property type.
If at any point in the process you realize that you have made an error, you can click the
Reset button to clear all the fields. If you have accidentally selected the wrong
property type, you can click the New button again to select another type.
8.
Enter a name and description that you want to use for the property type. Names are
mandatory for all property types.
For our example, we will use the name Owner for our new property.
9. Enter the all other information that you need to specify for the property.
10. If you want the property to be required, meaning that the user must provide a value for
this property when the file is added to the system, click the Value Required checkbox
so that it is selected.
Since we want every account to have an owner, we will select the Value Required
checkbox for the Owner property.
11. When you have finished defining the property, click the Apply button to save your
changes and add the property to the bundle. The property is added to the property list.
Property
List
Delete
Button
Finish
Button
12. When you are finished defining properties for the bundle, click the Finish button. The
new property bundle is saved and is displayed on the Property Bundle page.
Content Type
Compliance Object
SOXAccount
Accounts
SOXBusEntity
Business Entities
SOXControl
Controls
SOXControlObjective
Control Objectives
SOXDocument
Associated Files
SOXIssue
Issues
SOXMilestone
Project Milestones
SOXProcess
Processes
SOXProject
Projects
SOXRisk
Risks
SOXSubaccount
Sub-Accounts
SOXSubprocess
Sub-Processes
SOXTask
SOXTest
Control Tests
SOXTestResult
2.
3.
4.
5.
6.
While logged into OpenPages with an administrative-level account, click the Content
types link under the Administration heading in the left-hand Action menu. The list of
available content types is displayed.
Click on the name of the content type you want to edit. The Details page is displayed.
Click the Edit button under the Property Bundle Information heading. The Assign File
Types and Property Bundles page is displayed.
Click the Add button on the list of property bundles. A list of available property bundles
is displayed.
Highlight the name of the custom property bundle you just created and click Ok to add
the property bundle to the content type.
Click Save to save your changes and return to the Details page for the content type.
2.
3.
Find the definitions section for the compliance object you want to modify, as identified
by the string <object>.prop.body where <object> is the object you want to modify. For
example, if you are modifying an account, the string would be account.prop.body.
4. Remove the comment tags (<!-- and -->) from the object definition if this is the
first time you are modifying the object.
5. Modify the <putlist> tag to include the definition for the new property, as in the
example below:
<putList name="property.list">
<add value="account.property.accountType"/>
<add value="account.property.newProp"/>
</putList>
The order of the property definitions controls the order in which they will be listed on
the object Details page and in the Add and Edit pages. Insert the new property
definition into the spot where you want the property to be listed.
Make sure the name for the new property definition (i.e. account.property.newProp in
this example) does not inadvertently match another property definition already defined
for the object.
Note: When modifying the Business Entity definition (busentity.prop.body), you must
remove the three sample property definition lines from the sample business entity
definition. The lines to be removed are:
<add value="customer.busentity.property.newProp"/>
<add value="customer.entity.property.ExecutiveOwner"/>
<add value="customer.entity.property.PrimaryOwner"/>
6.
Add the definition tag for the new property after the <definition> end tag containing
the <putlist> tag, using the format of the example below. A sample definition tag can
also be found in the XML file. Portions of the example in bold text should be replaced
with text specific to your property.
<definition>
<putList name="property.list">
<add value="account.property.accountType"/>
<add value="account.property.newProp"/>
</putList>
</definition>
<definition name="account.property.newProp">
<put name="bundle.name" value="TestBundle"/>
<put name="property.name" value="AddedProperty"/>
</definition>
We copy the sample definition and paste it outside the comment markers (<!-- -->), so that
when the file is read by the server, it will not be ignored. We then modify the pasted definition
tag to look like the following:
<definition name="account.property.accountOwner">
<put name="bundle.name" value="CustomFields"/>
<put name="property.name" value="Owner"/>
<put name="field.length.maximum" value="128" />
</definition>
The first line is changed to match the name of the property value we added to the property list
- in this case, account.property.accountOwner. The bundle.name line is modified to include
the exact name of the property bundle we created in Step Two - CustomFields. The
property.name line is modified to include the exact name of the property we added - Owner.
Once the new field definition is added, we save our changes and exit the editor.
Uncomment the object definition by removing the comment tags (<!-- and -->) from
around the definition.
In this example, we want to put the Description of Failure field at the end of the list, so that it
is the last field displayed. Copy the last <add value... /> line and paste it in front of the
</putlist> tag. When you are finished, the section should look like this:
<!--======= Test Result Definitions - Start =======-->
<definition name="testresult.prop.body"
extends="icdocumentation.property.form.body">
<putList name="property.list">
<add value="testresult.property.date"/>
<add value="testresult.property.by"/>
<add value="testresult.property.result"/>
<add value="testresult.property.effective"/>
<add value="testresult.property.effective"/>
</putList>
</definition>
<!--======= Test Result Definitions - End ========-->
Modify the line to reference the new definition you will create for the new field. When you are
finished, the section looks like:
<!--======= Test Result Definitions - Start =======-->
<definition name="testresult.prop.body"
extends="icdocumentation.property.form.body">
<putList name="property.list">
<add value="testresult.property.date"/>
<add value="testresult.property.by"/>
<add value="testresult.property.result"/>
<add value="testresult.property.effective"/>
<add value="testresult.property.failure"/>
</putList>
</definition>
<!--======= Test Result Definitions - End ========-->
Now, we need to add the definition of the new field. Because we named the new value in the
previous step testresult.property.failure, the new definition will need to match this value
exactly. Here is a generic text area definition tag for you to copy and insert:
<definition name="account.property.newProp"
extends=textarea.property>
<put name="bundle.name" value="TestBundle"/>
<put name="property.name" value="Added Property"/>
</definition>
The new definition should look like this when you are finished:
<definition name="testresult.property.failure"
extends=textarea.property>
<put name="bundle.name" value="TestResultCustomFields"/>
<put name="property.name" value="Description of Failure"/>
</definition>
If you wish to change the display parameters of the text area - the height and width of the
input area - you must add the following two lines to the definition:
<put name="column.size" value="80"/>
<put name="row.size" value="6"/>
If we wanted to change the Description of Failure field to be 80 characters wide and 6 lines
tall, the modified text area definition would look like this:
<definition name="testresult.property.failure">
extends=textarea.property>
<put name="bundle.name" value="TestResultCustomFields"/>
<put name="property.name" value="Description of Failure"/>
<put name="column.size" value="80"/>
<put name="row.size" value="6"/>
</definition>
Once you save your changes and restart the SOX Express server, the new field will be displayed
in the Test Result details page.
In this example, we want to put the Purpose of Control field at the end of the list, so that it is
the last field displayed. Copy the last <add value... /> line and paste it in front of the
EXAMPLE line. When you are finished, the section should look like this:
<!--======= Control Definitions - Start =======-->
<definition name="control.prop.body"
extends="icdocumentation.property.form.body">
<putList name="property.list">
<add value="control.property.classification"/>
<add value="control.property.documentationLocation"/>
<add value="control.property.controlType"/>
<add value="control.property.whoPerformsControl"/>
<add value="control.property.itDependent"/>
<add value="control.property.controlsTested"/>
<add value="control.property.walkthroughs"/>
<add value="control.property.controlEvaluation"/>
<add value="control.property.newProp"/>
<!-- add new property here - EXAMPLE
<add value="control.property.newProp"/>
-->
</putList>
</definition>
<!--======= Control Definitions - End ========-->
Modify the line to reference the new definition you will create for the new field. When you are
finished, the section looks like:
<!--======= Control Definitions - Start =======-->
<definition name="control.prop.body"
extends="icdocumentation.property.form.body">
<putList name="property.list">
<add value="control.property.classification"/>
<add value="control.property.documentationLocation"/>
<add value="control.property.controlType"/>
<add value="control.property.whoPerformsControl"/>
<add value="control.property.itDependent"/>
<add value="control.property.controlsTested"/>
<add value="control.property.walkthroughs"/>
<add value="control.property.controlEvaluation"/>
<add value="control.property.Purpose"/>
<!-- add new property here - EXAMPLE
<add value="control.property.newProp"/>
-->
</putList>
</definition>
<!--======= Control Definitions - End ========-->
Now, we need to add the definition of the new field. Because we named the new value in the
previous step control.property.COSO_Objective, the new definition will need to match this
value exactly. Here is a generic drop-down definition tag for you to copy and insert:
<definition name="task.property.actionPlanType">
<put name="bundle.name" value="custom.bundle"/>
<put name="property.name" value="custom.property.name"/>
</definition>
The new definition should look like this when you are finished:
<definition name="control.property.Purpose">
<put name="bundle.name" value="ControlCustomBundle"/>
<put name="property.name" value="Purpose of Control"/>
</definition>
Once you save your changes and restart the SOX Express server, the new field will be displayed
in the Control details page.
In this example, we want to put the Additional Comments field at the end of the list, so that it
is the last field displayed. Copy the last <add value... /> line and paste it on the next line.
When you are finished, the section should look like this:
<!--======= Control Definitions - Start =========-->
<!-- Uncomment this definition and alter list as necessary
<definition name="control.prop.body">
<putList name="property.list">
<add value="control.property.classification"/>
<add value="sox.property.rich.text.example"/>
<add value="control.property.documentationLocation"/>
<add value="control.property.controlType"/>
<add value="control.property.whoPerformsControl"/>
<add value="control.property.itDependent"/>
<add value="control.property.controlsTested"/>
<add value="control.property.walkthroughs"/>
<add value="control.property.controlEvaluation"/>
<add value="control.property.controlEvaluation"/>
</putList>
</definition>
-->
<!--======== Control Definitions - End ==============-->
Modify the line to reference the new definition you will create for the new field. When you are
finished, the section looks like:
<!--======= Control Definitions - Start =========-->
<!-- Uncomment this definition and alter list as necessary
<definition name="control.prop.body">
<putList name="property.list">
<add value="control.property.classification"/>
<add value="sox.property.rich.text.example"/>
<add value="control.property.documentationLocation"/>
<add value="control.property.controlType"/>
<add value="control.property.whoPerformsControl"/>
<add value="control.property.itDependent"/>
<add value="control.property.controlsTested"/>
<add value="control.property.walkthroughs"/>
<add value="control.property.controlEvaluation"/>
<add value="control.property.additionalComments"/>
</putList>
</definition>
-->
<!--======== Control Definitions - End ==============-->
Now, we need to add the definition of the new field. Because we named the new value in the
previous step control.property.additionalComments, the new definition will need to match this
value exactly. Here is a generic HTML-enabled field definition tag for you to copy and insert:
<definition name="sox.property.rich.text.example">
<put name="bundle.name" value="SOXRTF"/>
<put name="property.name" value="RTF"/>
<put name="display.type" value="rich.text.area"/>
<put name="row.size" value="250"/>
<put name="column.size" value="100%"/>
<put name="label" value="RTF" />
</definition>
The new definition should look like this when you are finished:
<definition name="control.property.additionalComments">
<put name="bundle.name" value="ControlCommentBundle"/>
<put name="property.name" value="Additional Comments"/>
<put name="display.type" value="rich.text.area"/>
<put name="row.size" value="250"/>
<put name="column.size" value="100%"/>
<put name="label" value="Additional Comments:" />
</definition>
If you wish to change the display parameters of the HTML area - the height and width of the
input area - you must modify the following two lines of the definition:
<put name="row.size" value="250"/>
<put name="column.size" value="100%"/>
Once you save your changes and restart the SOX Express server, the new field will be displayed
in the Control details page.
Compliance Object
Referenced Properties
Accounts
Assertions
Processes
Process Type
Transaction Type
Impact
IT Process
Financial Statement Close Process
Controls
Control Evaluation
Control Type
Who Performs Control
Document Location
Walkthroughs
IT Dependent
Tests
Date Performed
Performed By
Test Result
Effectiveness
Project Items
Due Date
Action Items
Assignee
Start Date
Percent Complete
Business Location
2.
3.
4.
Find the definitions section for the compliance object you want to modify, as identified
by the string <object>.prop.body where <object> is the object you want to modify. For
example, if you are modifying an account, the string would be account.prop.body.
Uncomment the definition for the compliance object and modify the <putlist> tag to
comment out the list entry for the property to be hidden, as in the example below:
<putList name="property.list">
<add value="account.property.accountType"/>
<-- <add value="account.property.accountNumber"/> -->
</putList>
The above example would hide the Account Number field in the Account Detail page, as
well as from the Edit screen and from any reports run on accounts.
5.
4.
3.
4.
<definition name="task.prop.body">
<putList name="property.list">
<add value="task.property.assignee"/>
<add value="task.property.businessLocation"/>
<add value="task.property.startDate"/>
<add value="task.property.dueDate"/>
<add value="task.property.percentComplete"/>
<add value="task.property.predecessor"/>
</putList>
</definition>
Now, replace the assignee property with the entry for the extended definition.
<definition name="task.prop.body">
<putList name="property.list">
<add value="extended.task.property.assignee"/>
<add value="task.property.businessLocation"/>
...
Provide the property definition for the extended property. The syntax for the extended
property looks like this:
<definition name="extended.task.property.assignee"
extends="task.property.assignee">
<put name="label" value="Responsible Person"/>
</definition>
The value of extends is the original property the new extended property is
augmenting.
5.
Save your changes to the configTileDefinitions.xml file and restart the services.
Additional Modifications
Overview
This section details some of the other modifications you can make to the appearance and
functionality of SOX Express.
Topics in this section include:
2.
3.
4.
Find the definitions section for the compliance object you want to modify, as identified
by the string <object> List Definitions where <object> is the object you want to
modify. For example, if you are modifying an account, the string would be Account List
Definitions.
Uncomment the definition for the compliance object and modify the <putlist> tag to
add the list entry for the column to be added, as in the example below:
<putList name="table.field.list" >
<add value="account.item.list.field.name" />
<add value="icdocumentation.item.list.field.description" />
Below the list definition for the compliance object type, create a new definition for the
field to be displayed in the new column. It should look like the following:
<definition name="account.item.list.field.accountnumber">
<put name="type" value="custom.property"/>
<put name="bundle" value="SOXAccount"/>
<put name="property" value="Account Number"/>
</definition>
where the value of name matches the new value you added to the putList; the value
for type is always custom.property; the value for bundle is the property bundle
where the custom property is contained; and the value for property is the exact name
of the custom property to be displayed.
6.
2.
3.
4.
Find the definitions section for the compliance object you want to modify, as identified
by the string <object> List Definitions where <object> is the object you want to
modify. For example, if you are modifying an account, the string would be Account List
Definitions.
Uncomment the definition for the compliance object and comment out the line for the
property you wish to replace inside the <putlist> tag to add the list entry for the
column to be added, as in the example below:
<putList name="table.field.list" >
<add value="account.item.list.field.name" />
<add value="icdocumentation.item.list.field.description" />
<!-- <add value="account.item.list.field.assertions" /> -->
</putList>
The above example would add the Account Number field to the table in a new column.
5.
Add a new line for the property you wish to add inside the <putlist> tag, as in the
example below:
<putList name="table.field.list" >
<add value="account.item.list.field.name" />
<add value="icdocumentation.item.list.field.description" />
<!-- <add value="account.item.list.field.assertions" /> -->
<add value="account.item.list.field.accountnumber" />
</putList>
The above example would add the Account Number field to the table in place of the
Assertions column. The order of the values in the putList statement determines the
order in which the columns are displayed.
Modifying SOX Express Behavior
6.
Below the list definition for the compliance object type, create a new definition for the
field to be displayed in the new column. It should look like the following:
<definition name="account.item.list.field.accountnumber">
<put name="type" value="custom.property"/>
<put name="bundle" value="SOXAccount"/>
<put name="property" value="Account Number"/>
</definition>
where the value of name matches the new value you added to the putList; the value
for type is always custom.property; the value for bundle is the property bundle
where the custom property is contained; and the value for property is the exact name
of the custom property to be displayed.
7.
2.
3.
4.
Find the definitions section for the compliance object you want to modify, as identified
by the string <object> List Definitions where <object> is the object you want to
modify. For example, if you are modifying an account, the string would be Account List
Definitions.
Below the listing definition, find the property definition for the column you want to
modify.
For example, a definition might look like this:
<definition name="account.item.list.field.accountnumber">
<put name="type" value="custom.property"/>
<put name="bundle" value="SOXAccount"/>
<put name="property" value="Account Number"/>
</definition>
Note: If you are changing the label of a default property (one originally supplied with
SOX Express), you will have to create a property definition for the default property.
5.
6.
2.
3.
4.
Find the definitions section for the compliance object you want to modify, as identified
by the string <object> List Definitions where <object> is the object you want to
modify. For example, if you are modifying an account, the string would be Account List
Definitions.
Uncomment the definition for the compliance object and modify the <putlist> tag to
comment out the list entry for the column to be hidden, as in the example below:
<putList name="table.field.list" >
<add value="account.item.list.field.name" />
<add value="icdocumentation.item.list.field.description" />
<!-- <add value="account.item.list.field.assertions" /> -->
</putList>
The above example would hide the Assertions column from the table.
5.
2.
3.
Find the definitions section for the compliance object you want to modify, as identified
by the string <object> Tree Definitions where <object> is the object you want to
modify. For example, if you are modifying an account, the string would be Account Tree
Definitions.
Note: Business Entities, Issues, and Test Results do not use an expandable tree view,
and therefore do not have List Definitions.
4.
Uncomment the definition for the compliance object and modify the <putlist> tag to
add the list entry for the column to be added, as in the example below:
<putList name="table.field.list" >
<add value="account.item.list.field.name" />
<add value="icdocumentation.item.list.field.description" />
<add value="account.item.list.field.assertions" />
<add value="account.item.list.field.accountnumber" />
</putList>
The above example would add the Account Number field to the table in a new column.
The order of the values in the putList statement determines the order in which the
columns are displayed.
5.
Below the list definition for the compliance object type, create a new definition for the
field to be displayed in the new column. It should look like the following:
<definition name="account.item.list.field.accountnumber">
<put name="type" value="custom.property"/>
<put name="bundle" value="SOXAccount"/>
<put name="property" value="Account Number"/>
</definition>
where the value of name matches the new value you added to the putList; the value
for type is always custom.property; the value for bundle is the property bundle
where the custom property is contained; and the value for property is the exact name
of the custom property to be displayed.
6.
2.
3.
4.
Find the definitions section for the compliance object you want to modify, as identified
by the string <object> Tree Definitions where <object> is the object you want to
modify. For example, if you are modifying an account, the string would be Account Tree
Definitions.
Uncomment the definition for the compliance object and comment out the line for the
property you wish to replace inside the <putlist> tag to add the list entry for the
column to be added, as in the example below:
<putList name="table.field.list" >
<add value="account.item.list.field.name" />
<add value="icdocumentation.item.list.field.description" />
<!-- <add value="account.item.list.field.assertions" /> -->
</putList>
The above example would add the Account Number field to the table in a new column.
5.
Add a new line for the property you wish to add inside the <putlist> tag, as in the
example below:
<putList name="table.field.list" >
<add value="account.item.list.field.name" />
<add value="icdocumentation.item.list.field.description" />
<!-- <add value="account.item.list.field.assertions" /> -->
<add value="account.item.list.field.accountnumber" />
</putList>
The above example would add the Account Number field to the table in place of the
Assertions column. The order of the values in the putList statement determines the
order in which the columns are displayed.
6.
Below the list definition for the compliance object type, create a new definition for the
field to be displayed in the new column. It should look like the following:
<definition name="account.item.list.field.accountnumber">
<put name="type" value="custom.property"/>
<put name="bundle" value="SOXAccount"/>
<put name="property" value="Account Number"/>
</definition>
where the value of name matches the new value you added to the putList; the value
for type is always custom.property; the value for bundle is the property bundle
where the custom property is contained; and the value for property is the exact name
of the custom property to be displayed.
7.
2.
3.
4.
Find the definitions section for the compliance object you want to modify, as identified
by the string <object> Tree Definitions where <object> is the object you want to
modify. For example, if you are modifying an account, the string would be Account Tree
Definitions.
Below the listing definition, find the property definition for the column you want to
modify.
For example, a definition might look like this:
<definition name="account.item.list.field.accountnumber">
<put name="type" value="custom.property"/>
<put name="bundle" value="SOXAccount"/>
<put name="property" value="Account Number"/>
</definition>
Note: If you are changing the label of a core property, you will have to create a
property definition for the core property.
5.
6.
2.
3.
4.
Find the definitions section for the compliance object you want to modify, as identified
by the string <object> Tree Definitions where <object> is the object you want to
modify. For example, if you are modifying an account, the string would be Account Tree
Definitions.
Uncomment the definition for the compliance object and modify the <putlist> tag to
comment out the list entry for the column to be hidden, as in the example below:
<putList name="table.field.list" >
<add value="account.item.list.field.name" />
<add value="icdocumentation.item.list.field.description" />
<!-- <add value="account.item.list.field.assertions" /> -->
</putList>
The above example would hide the Assertions column from the table.
5.
Open the sosa.properties file in a text editor. The file can be found in the
\bea\weblogic81\config\OpenpagesDomain\applications\sosa\conf directory.
Find the following line:
user.bucket.size=10
Change the value to the number of users desired. In order to have 25 users in each
segment, change the line to the following:
Modifying SOX Express Behavior
4.
user.bucket.size=25
Save your changes and restart the SOX Express services to view the change.
4.
5.
Open the configTileDefinitions.xml file in a text editor. Make sure you back up the file
before making any changes.
Search for the string select.user.dropdown. An example definition is displayed.
Copy the example and paste it outside of the comment tags. The example looks like the
following:
<definition name="customer.entity.property.ExecutiveOwner">
<put name="bundle.name" value="SOXObjectOwners"/>
<put name="property.name" value="Executive Owner"/>
<put name="display.type" value="select.user.dropdown"/>
<put name="select.user.group" value="SOXUsers"/>
<put name="select.user.group.include.subgroups" value="yes"/>
</definition>
Replace the following strings with your property information:
customer.entity.property.ExecutiveOwner with the property definition name
of the field you are modifying.
SOXObjectOwners with the bundle that contains the custom property
Executive Owner with the label of your custom property.
SOXUsers with the group whose members will be listed in the user selector.
Save your changes when you have finished. You will have to restart the SOX Express
services to see the new behavior.
Open the configTileDefinitions.xml file in a text editor. Make sure you back up the file
before making any changes.
Search for the string config.user.selector.table.field.list. An example definition is
displayed.
Copy the example and paste it outside of the comment tags. The example looks like the
following:
<definition name="config.user.selector.table.field.list">
<putList name="table.field.list">
<add value="email" />
<add value="firstName" />
<add value="lastName" />
<add value="description" />
</putList>
</definition>
4.
5.
6.
The example contains all of the potential fields that can be displayed in SOX Express.
To hide any of these fields, comment out the appropriate line with the <!-- --> tags.
For example, to hide the e-mail address of users, modify the example as follows:
<definition name="config.user.selector.table.field.list">
<putList name="table.field.list">
<!-- <add value="email" /> -->
<add value="firstName" />
<add value="lastName" />
<add value="description" />
</putList>
</definition>
To re-order the list, re-arrange the listings from top to bottom - each entry corresponds
to a left-right orientation. For example, to display the last name before the first name,
move the lastName line above the firstName line.
Save your changes when you have finished. You will have to restart the SOX Express
services to see the new behavior.
4.
5.
logout.link.url=http://www.openpages.com
Save your changes and exit the text editor.
Restart the OpenPages and SOX servers.
The agents must pass the SOX Express user name in the response header attributes.
4.
sox.app.security.auth.siteminder.enabled=true
Save the changes to aurora.properties and restart the SOX Express server.
Note: For instructions on restarting SOX Express and OpenPages, see the SOX Express
Installation Manual included with your installation media.
4.
op.app.security.auth.siteminder.enabled=true
Save the changes to aurora.properties and restart the OpenPages server.
The Notification
Manager
the Test Notifications page (report). This is a prepared report that will send e-mail to
all Test Performers that have Tests that have not been performed and are due within
the next 15 days.
the Undetermined Controls page (report). This is a prepared report that notifies users
who have Controls assigned to them that are marked as Undetermined.
the Test Notification Template. This report template is used when creating your own
reports to notify Test Performers and Reviewers about incomplete Test Results.
the General SOX Notifications Template. This template is used to create your own
notification reports using your own custom trigger conditions. Detailed information
about creating your own notification reports can be found in Using the General SOX
Notifications Template on page 122 of this guide.
This guide will explain how to set up and run notification reports based on the included Test
Notification Template and the General SOX Notifications Template.
Once the steps are completed, you will have a notification that can be run manually or
scheduled to be run automatically, depending on your choices.
When the report is run, a milestone is generated with a name based on the report and
the Milestone Suffix parameter.
For each compliance object that generates a notification, an action item is created
under the report milestone. This action item is assigned to the Executive or Primary
Owner of the compliance object.
A notification e-mail is generated for the Executive or Primary Owners detailing the
compliance objects that require attention.
Test Reviewer (the person responsible for verifying that the tests are completed)
Test Performer (the person responsible for executing the tests)
Frequency (whether the test is performed Annually, Quarterly, or Monthly)
Relative Due Date (when the test should be completed, measured in days after the
beginning of the Frequency period)
Note: If you are viewing existing Tests that were created before version 3.0.1, the new
properties will not be visible on the Details page of the Test. To display the new properties on
an existing Test, click the Edit button. The new properties will be included on the Edit page.
When you Save your changes, the new properties and values will now be displayed on the
Details page. You will need to enter values for each pre-existing Test in order to use the
Notification Manager.
Log in to OpenPages as a user with Publishing privileges. The Home page is displayed.
Click the Browse Channels link on the Action menu. A list of channels is displayed.
Navigate to the Reporting/SOX/Notifications folder. The contents of the folder are
displayed.
4. Click the Add Page... button at the top of the folder list. The Describe Page screen is
displayed.
5. Enter a name and description for the notification report and choose the Test Notification
Template as the page template. Click Next to continue.
6. Enter the information for your notification. When you are finished, click Apply to save
your changes.
Note: Detailed information about the various fields can be found following this
procedure.
7.
Parameter
Milestone Suffix
Explanation
String appended to the milestone created as a result of
running the report. When the report is run, a milestone is
created to hold the action items that will be created as a
result of the notification process. By default, the milestone is
named for the content type that the report targets (in this
case - Tests). The milestone suffix is added to the end of the
milestone name to create a unique name for holding the
results of the notification report.
The name is appended with a dash, so a Milestone Suffix of
Weekly Reminder will result in a milestone named Tests Weekly Reminder.
Sender Name
Sender Address
Parameter
Explanation
Subject
The number of days before the test due date that the
notification e-mail will be sent to the user listed as the Test
Reviewer.
The Due Date for a Test is set in the Relative Due Date field
on the Test compliance object. The Relative Due Date is the
number of days after the beginning of the test period (as set
in Frequency - Annually, Quarterly, Monthly).
For example, a Relative Due Date of 60 and a Frequency of
Quarterly means that the Test must be completed 60 days
after the beginning of the most recent quarter. If you set
this field (Notify Test Reviewer...) to 14, then 14 days before
the Relative Due Date the notification will alert the Test
Reviewer.
Note: SOX Express considers financial quarters to begin on
January 1st, April 1st, July 1st, and October 1st. If your
financial quarter begins on a different date, you may want to
adjust the Relative Due Date.
The number of days before the test due date that the
notification e-mail will be sent to the user listed as the Test
Performer.
The Due Date for a Test is set in the Relative Due Date field
on the Test compliance object. The Relative Due Date is the
number of days after the beginning of the test period (as set
in Frequency - Annually, Quarterly, Monthly).
For example, a Relative Due Date of 60 and a Frequency of
Quarterly means that the Test must be completed 60 days
after the beginning of the most recent quarter. If you set
this field (Notify Test Peformer...) to 21, then 21 days before
the Relative Due Date the notification will alert the Test
Performer.
Note: SOX Express considers financial quarters to begin on
January 1st, April 1st, July 1st, and October 1st. If your
financial quarter begins on a different date, you may want to
adjust the Relative Due Date to take this into account.
Parameter
Explanation
General Message
This text will appear underneath the General Message on emails to Test Reviewers.
This text will appear underneath the General Message on emails to Test Performers.
Group notifications by
This setting is used to group the tests that meet the criteria
for notification within the notification e-mail.
Defines the property that contains the date the Test Results
were performed. Should only be modified if you are using a
custom property.
Mail Server
SOX Server
Report Title
Scope
Library Filter
Project
Reporting Period
Parameter
Milestone Suffix
Explanation
String appended to the milestone created as a result of
running the report. When the report is run, a milestone is
created to hold the action items that will be created as a
result of the notification process. By default, the milestone is
named for the content type that the report targets (in this
case - Tests). The milestone suffix is added to the end of the
milestone name to create a unique name for holding the
results of the notification report.
The name is appended with a dash, so a Milestone Suffix of
Weekly Reminder will result in a milestone named Tests Weekly Reminder.
Sender Name
Sender Email
Email Subject
General Message
Message to Executive
Owners
This text will appear underneath the General Message on emails to Executive Owners.
Note: If you are entering a plain-text message, any escaped
characters (such as newlines, etc.) must be preceded with
two backslashes instead of one (e.g. \\n). If you are using
HTML for your e-mail message, this is not necessary.
Parameter
Message to Primary Owners
Explanation
This text will appear underneath the General Message on emails to Primary Owners.
Note: If you are entering a plain-text message, any escaped
characters (such as newlines, etc.) must be preceded with
two backslashes instead of one (e.g. \\n). If you are using
HTML for your e-mail message, this is not necessary.
[Filter Property 1
Filter Evaluation 1
Filter Value 1]
Filter Property X
Filter Evaluation X
Filter Value X
Create notification if
Group Notifications by
Parameter
Create Action Items
Explanation
Determines whether an action item will be created for each
notification e-mail sent to an Executive or Primary Owner.
If an Action Item has already been created for the
compliance object, no new action item will be generated
Note: If this option is set to false, then notifications will
always be sent when the notification report is run,
regardless of the Send repeat notifications setting.
If set, the Action Items Due Date will be set to the number
of days after the creation of the action item.
For example, a value of 14 would give the created Action
Item a due date two weeks after the creation of the Action
Item.
Mail Server
SOX Server
Report Title
Library Filter
Scope
Project
Reporting Period
Log in to SOX Express and click the Reports link on the Action menu.
Click on the Notificiations link to display the notification reports.
Choose the notification report you wish to run and click the name of the report.
A new window opens, and the results of the report are displayed.
Note: The report may take a short while to display - this is normal.
Syntax
NotificationManager -Username=<username> -Password=<password>
-NotificationProgram=<full-path-to-notification-report>|-ProgramFolder=<path-to-foldercontaining-notification-reports> [-SaveOutput=<true|false>] [-LogSession=<true|false>]
-[{parameterName=parameterValue}] [-ParameterFile=<full-path-to-file>]
Parameters
All parameters are in the syntax -parameter=value. If the value of any parameter contains
spaces, that value must be contained within quotation marks.
Parameter Name
Explanation
-Username
-Password
-NotificationProgram
-ProgramFolder
-SaveOutput
-LogSession
-parameter=value
Parameter Name
-ParameterFile
Explanation
Specifies a text file containing a list of parameter=value
pairs (equivalent to entering individual -parameter=value
entries into the command line directly). Each
parameter=value pair should be on a single line.
Value is the full path to the file, including the file name.
Example: ParameterFile=c:\bea\weblogic81\aurora\util\Notification
Manager\notification_parameters.txt
From the Windows menu on the application server machine, select Settings | Control
Panel.
Open the Scheduled Tasks item in the Control Panel.
Double-click the Add Scheduled Task item.
On the Task tab, fill in the Run field with the path to the NotificationManager program
and any parameters you require to run the report.
Example: To run a single report, the contents of the Run field might look like the
following:
c:\bea\weblogic81\aurora\util\NotificationManager
NotificationManager.cmd -Username=SOXAdministrator
-Password=SOXAdministrator -NotificationProgram=Reporting/SOX/
Notifications/Test Notifications
5.
6.
7.
8.
9.
10.
11.
Edit the Start in field to be the path to the NotificationManager program, i.e.
c:\bea\weblogic81\aurora\util\NotificationManager.
Make sure the Run as: is set to the current Windows user.
Check the checkbox next to Enabled to set a time for the command to be executed.
Click the Schedule tab to display the Schedule settings.
Set the days and time you want the notification report(s) to run.
Click Apply and then Ok to save your changes and exit the scheduler.
Repeat these steps for each report you wish to run. Remember that you can use the
-ProgramFolder parameter to run all the reports in a specified folder at the same time.
133
Column Name
Description
Native Type
ENTITY_ID
NUMBER(38,0)
EN_CREATIONDATE
DATE
EN_CREATOR
NUMBER(38,0)
EN_DESCRIPTION
VARCHAR2(2048)
EN_ENTITY_IN_SCOPE
VARCHAR2(256)
EN_ENTITY_TYPE
VARCHAR2(256)
EN_ERP_COMPANY_CODE
VARCHAR2(256)
EN_EXECUTIVE_DELEGATE
VARCHAR2(4000)
EN_EXECUTIVE_OWNER
VARCHAR2(4000)
EN_EXPORTLABEL
VARCHAR2(4000)
EN_FULLPATH
VARCHAR2(1024)
EN_LOCKSTATUS
VARCHAR2(256)
EN_MODIFIEDDATE
DATE
EN_NAME
VARCHAR2(4000)
EN_NESTINGLEVEL
NUMBER
EN_NESTINGPATH
VARCHAR2(4000)
134
Column Name
Description
Native Type
EN_PARENTFOLDERID
NUMBER(38,0)
EN_SOXURL
VARCHAR2(4000)
EN_VERSIONID
NUMBER(38,0)
CORPORATE
VARCHAR2(256)
DEPARTMENT
VARCHAR2(256)
DIVISION
VARCHAR2(256)
WORKGROUP
VARCHAR2(256)
REPORTING _PERIOD
VARCHAR2(256)
Table of Indices
Index Name
Table Column
IX1_SX_ENTITY (I1)
EN_CREATOR
IX2_SX_ENTITY (I2)
EN_ENTITY_IN_SCOPE
IX3_SX_ENTITY (I3)
EN_ENTITY_TYPE
IX4_SX_ENTITY (I4)
EN_ERP_COMPANY_CODE
IX5_SX_ENTITY (I5)
EN_EXPORTLABEL
IX6_SX_ENTITY (I6)
EN_FULLPATH
IX7_SX_ENTITY (I7)
EN_LOCKSTATUS
IX8_SX_ENTITY (I8)
EN_NAME
IX9_SX_ENTITY (I9)
EN_NESTINGLEVEL
IX10_SX_ENTITY (I10)
EN_NESTINGPATH
IX11_SX_ENTITY (I11)
EN_PARENTFOLDERID
135
Accounts
Physical Name: SX_ACCOUNT
Description: This table contains the information relating to Account compliance objects.
Primary Key: ACCOUNT_ID
Indices: 7
Column Name
Description
Native Type
ACCOUNT_ID
NUMBER(38,0)
AC_ACCOUNT_TYPE
VARCHAR2(256)
AC_ANNUALIZED_VALUE
NUMBER(38,0)
AC_ASSERTIONS
VARCHAR2(256)
AC_CLASSIFICATION
VARCHAR2(256)
AC_CREATIONDATE
DATE
AC_CREATOR
NUMBER(38,0)
AC_DESCRIPTION
VARCHAR2(2048)
AC_FULLPATH
VARCHAR2(1024)
AC_LOCKSTATUS
VARCHAR2(256)
AC_MODIFIEDDATE
DATE
AC_NAME
VARCHAR2(4000)
AC_PARENTFOLDERID
NUMBER(38,0)
AC_SOXURL
VARCHAR2(4000)
AC_VALUE_AS_OF_DATE
DATE
AC_VERSIONID
NUMBER(38,0)
REPORTING _PERIOD
VARCHAR2(256)
136
Table of Indices
Index Name
Table Column
IX1_SX_ACCOUNT (I1)
AC_ACCOUNT_TYPE
IX2_SX_ACCOUNT (I2)
AC_CLASSIFICATION
IX3_SX_ACCOUNT (I3)
AC_CREATOR
IX4_SX_ACCOUNT (I4)
AC_FULLPATH
IX5_SX_ACCOUNT (I5)
AC_LOCKSTATUS
IX6_SX_ACCOUNT (I6)
AC_NAME
IX7_SX_ACCOUNT (I7)
AC_PARENTFOLDERID
Account Assertions
Physical Name: SX_ACCOUNT_ASSERTIONS
Foreign Key: ACCOUNT_ID
Foreign Key Reference: SX_ACCOUNT.ACCOUNT_ID
Indices: 2
Column Name
Description
Native Type
ACCOUNT_ID
NUMBER(38,0)
AC_ASSERTIONS
VARCHAR2(256)
REPORTING _PERIOD
VARCHAR2(256)
Table of Indices
Index Name
Table Column
IX1_SX_ACCOUNT_ASSERTIONS
(I1)
ACCOUNT_ID
IX2_SX_ACCOUNT_ASSERTIONS
(I2)
AC_ASSERTIONS
137
Sub-Accounts
Physical Name: SX_SUBACCOUNT
Description: This table contains the information relating to sub-account compliance objects.
Primary Key: SUBACCOUNT_ID
Indices: 10
Column Name
Description
Native Type
SUBACCOUNT_ID
NUMBER(38,0)
AC_ACCOUNT_TYPE
VARCHAR2(256)
AC_ANNUALIZED_VALUE
NUMBER(38,0)
AC_ASSERTIONS
VARCHAR2(256)
AC_CLASSIFICATION
VARCHAR2(256)
AC_CREATIONDATE
DATE
AC_CREATOR
NUMBER(38,0)
AC_DESCRIPTION
VARCHAR2(2048)
AC_EXPORTLABEL
VARCHAR2(256)
AC_FULLPATH
VARCHAR2(1024)
AC_LOCKSTATUS
VARCHAR2(256)
AC_MODIFIEDDATE
DATE
AC_NAME
VARCHAR2(4000)
AC_NESTINGLEVEL
NUMBER
AC_NESTINGPATH
VARCHAR2(4000)
AC_PARENTFOLDERID
NUMBER(38,0)
AC_SOXURL
VARCHAR2(4000)
AC_VALUE_AS_OF_DATE
DATE
138
Column Name
Description
Native Type
AC_VERSIONID
NUMBER(38,0)
GL_ACCOUNT
VARCHAR2(256)
REPORTING _PERIOD
VARCHAR2(256)
Table of Indices
Index Name
Table Column
IX1_SX_ACCOUNT (I1)
AC_ACCOUNT_TYPE
IX2_SX_ACCOUNT (I2)
AC_CLASSIFICATION
IX3_SX_ACCOUNT (I3)
AC_CREATOR
IX4_SX_ACCOUNT (I4)
AC_EXPORTLABEL
IX5_SX_ACCOUNT (I5)
AC_FULLPATH
IX6_SX_ACCOUNT (I6)
AC_LOCKSTATUS
IX7_SX_ACCOUNT (I7)
AC_NAME
IX8_SX_ACCOUNT (I8)
AC_NESTINGLEVEL
IX9_SX_ACCOUNT (I9)
AC_NESTINGPATH
IX10_SX_ACCOUNT (I10)
AC_PARENTFOLDERID
Sub-account Assertions
Physical Name: SX_SUBACCOUNT_ASSERTIONS
Foreign Key: SUBACCOUNT_ID
Foreign Key Reference: SX_SUBACCOUNT.SUBACCOUNT_ID
Indices: 2
Column Name
Description
Native Type
SUBACCOUNT_ID
NUMBER(38,0)
AC_ASSERTIONS
VARCHAR2(256)
REPORTING _PERIOD
VARCHAR2(256)
139
Table of Indices
Index Name
Table Column
IX1_SX_SUBACCOUNT_
ASSERTIONS (I1)
SUBACCOUNT_ID
IX2_SX_SUBACCOUNT_
ASSERTIONS (I2)
AC_ASSERTIONS
Processes
Physical Name: SX_PROCESS
Description: This table contains the information relating to the Process compliance object.
Primary Key: PROCESS_ID
Indices: 5
Column Name
Description
Native Type
PROCESS_ID
NUMBER(38,0)
PR_ADDITIONAL_DESCRIPTION
VARCHAR2(4000)
PR_CREATIONDATE
DATE
PR_CREATOR
NUMBER(38,0)
PR_CYCLE_OWNER
VARCHAR2(4000)
PR_DESCRIPTION
VARCHAR2(2048)
PR_FULLPATH
VARCHAR2(1024)
PR_LOCKSTATUS
VARCHAR2(256)
PR_MODIFIEDDATE
DATE
PR_NAME
VARCHAR2(4000)
PR_PARENTFOLDERID
NUMBER(38,0)
PR_SOXURL
VARCHAR2(4000)
PR_VERSIONID
NUMBER(38,0)
REPORTING _PERIOD
VARCHAR2(256)
140
Table of Indices
Index Name
Table Column
IX1_SX_PROCESS (I1)
PR_CREATOR
IX2_SX_PROCESS (I2)
PR_FULLPATH
IX3_SX_PROCESS (I3)
PR_LOCKSTATUS
IX4_SX_PROCESS (I4)
PR_NAME
IX5_SX_PROCESS (I5)
PR_PARENTFOLDERID
Sub-Processes
Physical Name: SX_SUBPROCESS
Description: This table contains the information relating to sub-process compliance objects.
Primary Key: SUBPROCESS_ID
Indices: 11
Column Name
Description
Native Type
PROCESS_ID
NUMBER(38,0)
PR_ADDITIONAL_DESCRIPTION
VARCHAR2(256)
PR_CREATIONDATE
DATE
PR_CREATOR
NUMBER(38,0)
PR_DESCRIPTION
VARCHAR2(2048)
PR_EXPORTLABEL
VARCHAR2(256)
PR_FULLPATH
VARCHAR2(1024)
PR_LOCKSTATUS
VARCHAR2(256)
PR_MANAGEMENT_PRIORITY
VARCHAR2(256)
PR_MODIFIEDDATE
DATE
PR_NAME
VARCHAR2(4000)
PR_NESTINGLEVEL
NUMBER
141
Column Name
Description
Native Type
PR_NESTINGPATH
VARCHAR2(4000)
PR_PARENTFOLDERID
NUMBER(38,0)
PR_SOXURL
VARCHAR2(4000)
PR_SUBPROCESS_OWNER
May be used to assign the highestlevel of responsibility for the subprocess transaction.
VARCHAR2(256)
PR_TARGET_DESIGN_RATING
VARCHAR2(256)
PR_VERSIONID
NUMBER(38,0)
TRANSACTION
VARCHAR2(256)
REPORTING _PERIOD
VARCHAR2(256)
Table of Indices
Index Name
Table Column
IX1_SX_SUBPROCESS (I1)
PR_CREATOR
IX2_SX_SUBPROCESS (I2)
PR_EXPORTLABEL
IX3_SX_SUBPROCESS (I3)
PR_FULLPATH
IX4_SX_SUBPROCESS (I4)
PR_LOCKSTATUS
IX5_SX_SUBPROCESS (I5)
PR_MANAGEMENT_PRIORITY
IX6_SX_SUBPROCESS (I6)
PR_NAME
IX7_SX_SUBPROCESS (I7)
PR_NESTINGLEVEL
IX8_SX_SUBPROCESS (I8)
PR_NESTINGPATH
IX9_SX_SUBPROCESS (I9)
PR_PARENTFOLDERID
IX10_SX_SUBPROCESS (I10)
PR_TARGET_DESIGN_RATING
142
Control Objectives
Physical Name: SX_CONTROLOBJECTIVE
Description: This table contains the information relating to the Control Objective compliance
object.
Primary Key: CONTROLOBJECTIVE_ID
Indices: 5
Column Name
Description
Native Type
CONTROLOBJECTIVE_ID
NUMBER(38,0)
CO_ADDITIONAL_DESCRIPTION
VARCHAR2(4000)
CO_CATEGORY
Obsolete field.
VARCHAR2(4000)
CO_COSO_OBJECTIVE_CATEGORY
VARCHAR2(256)
CO_CREATIONDATE
DATE
CO_CREATOR
NUMBER(38,0)
CO_DESCRIPTION
VARCHAR2(2048)
CO_FULLPATH
VARCHAR2(1024)
CO_LOCKSTATUS
VARCHAR2(256)
CO_MODIFIEDDATE
DATE
CO_NAME
VARCHAR2(4000)
CO_PARENTFOLDERID
NUMBER(38,0)
CO_SOXURL
VARCHAR2(4000)
CO_VERSIONID
NUMBER(38,0)
REPORTING _PERIOD
VARCHAR2(256)
143
Table of Indices
Index Name
Table Column
IX1_SX_CONTROLOBJECTIVE (I1)
CO_CREATOR
IX2_SX_CONTROLOBJECTIVE (I2)
CO_FULLPATH
IX3_SX_CONTROLOBJECTIVE (I3)
CO_LOCKSTATUS
IX4_SX_CONTROLOBJECTIVE (I4)
CO_NAME
IX5_SX_CONTROLOBJECTIVE (I5)
CO_PARENTFOLDERID
Column Name
Description
Native Type
CONTROLOBJECTIVE_ID
NUMBER(38,0)
CO_COSO_OBJECTIVE_CATEGORY
VARCHAR2(256)
REPORTING _PERIOD
VARCHAR2(256)
Table of Indices
Index Name
Table Column
IX1_SX_CONTROLOBJECTIVE_
COSO_O (I1)
CONTROLOBJECTIVE_ID
IX1_SX_CONTROLOBJECTIVE_
COSO_O (I2)
CO_COSO_OBJECTIVE_CATEGORY
144
Risk
Physical Name: SX_RISK
Description: This table contains the information relating to the Risk compliance object.
Primary Key: RISK_ID
Indices: 12
Column Name
Description
Native Type
RISK_ID
NUMBER(38,0)
RI_ADDITIONAL_DESCRIPTION
VARCHAR2(4000)
RI_ASSERTIONS
Obsolete field.
VARCHAR2(4000)
RI_COSO_OBJECTIVE_CATEGORY
VARCHAR2(256)
RI_CREATIONDATE
DATE
RI_CREATOR
NUMBER(38,0)
RI_DESCRIPTION
VARCHAR2(2048)
RI_FULLPATH
VARCHAR2(1024)
RI_GENERAL_GUIDANCE
VARCHAR2(4000)
RI_IMPACT
VARCHAR2(256)
RI_LIKELYHOOD
VARCHAR2(256)
RI_LOCKSTATUS
VARCHAR2(256)
RI_MODIFIEDDATE
DATE
RI_NAME
VARCHAR2(4000)
RI_PARENTFOLDERID
NUMBER(38,0)
145
Column Name
Description
Native Type
RI_RISK_IN_SCOPE
VARCHAR2(256)
RI_SOXURL
VARCHAR2(4000)
RI_TARGET_DESIGN_RATING
VARCHAR2(256)
RI_VERSIONID
NUMBER(38,0)
REPORTING _PERIOD
VARCHAR2(256)
Table of Indices
Index Name
Table Column
IX1_SX_RISK (I1)
RI_CREATOR
IX2_SX_RISK (I2)
RI_FULLPATH
IX3_SX_RISK (I3)
RI_IMPACT
IX4_SX_RISK (I4)
RI_LIKELYHOOD
IX5_SX_RISK (I5)
RI_LOCKSTATUS
IX6_SX_RISK (I6)
RI_NAME
IX7_SX_RISK (I7)
RI_PARENTFOLDERID
IX8_SX_RISK (I8)
RI_RISK_IN_SCOPE
IX9_SX_RISK (I9)
RI_TARGET_DESIGN_RATING
146
Risk Assertions
Physical Name: SX_RISK_ASSERTIONS
Description: This table contains information relating to risk assertions.
Foreign Key: RISK_ID
Foreign Key Reference: SX_RISK.RISK_ID
Indices: 2
Column Name
Description
Native Type
RISK_ID
NUMBER(38,0)
RI_ASSERTIONS
VARCHAR2(256)
REPORTING _PERIOD
VARCHAR2(256)
Table of Indices
Index Name
Table Column
IX1_SX_RISK_ASSERTIONS (I1)
RISK_ID
IX2_SX_RISK_ASSERTIONS (I2)
RI_ASSERTIONS
Column Name
Description
Native Type
RISK_ID
NUMBER(38,0)
RI_COSO_OBJECTIVE_CATEGORY
VARCHAR2(256)
REPORTING _PERIOD
VARCHAR2(256)
Table of Indices
Index Name
Table Column
IX1_SX_RISK_COSO_OBJECTIVE_CAT (I1)
RISK_ID
IX1_SX_RISK_COSO_OBJECTIVE_CAT (I2)
RI_COSO_OBJECTIVE_CATEGORY
147
Controls
Physical Name: SX_CONTROL
Description: This table contains the information relating to the Control compliance object.
Primary Key: CONTROL_ID
Indices: 12
Column Name
Description
Native Type
CONTROL_ID
NUMBER(38,0)
CT_ADDITIONAL_DESCRIPTION
VARCHAR2(4000)
CT_ASSERTIONS_CONTROLLED
VARCHAR2(4000)
CT_CLASSIFICATION
VARCHAR2(256)
CT_CREATIONDATE
DATE
CT_CONTROL_METHOD
VARCHAR2(256)
CT_CONTROL_OWNER
VARCHAR2(4000)
CT_COSO_COMPONENT
VARCHAR2(256)
CT_CREATOR
NUMBER(38,0)
CT_DESCRIPTION
VARCHAR2(2048)
CT_DESIGN_EFFECTIVENESS
VARCHAR2(256)
CT_DOCUMENTATION_LOCATION
VARCHAR2(4000)
CT_DOES_THE_CONTROL_OWNE
R_PERF
VARCHAR2(256)
CT_FREQUENCY_OF_CONTROL_A
CTIVI
VARCHAR2(256)
CT_FULLPATH
VARCHAR2(1024)
CT_IT_SYSTEM
VARCHAR2(256)
148
Column Name
Description
Native Type
CT_LOCKSTATUS
VARCHAR2(256)
CT_MODIFIEDDATE
DATE
CT_NAME
VARCHAR2(4000)
CT_OPERATING_EFFECTIVNESS
VARCHAR2(256)
CT_PARENTFOLDERID
NUMBER(38,0)
CT_POSSIBLE_TEST_TYPES
VARCHAR2(4000)
CT_SITES_COVERED
VARCHAR2(4000)
CT_SOXURL
VARCHAR2(4000)
CT_VERSIONID
NUMBER(38,0)
CT_WHO_PERFORMS_CONTROL
VARCHAR2(4000)
REPORTING _PERIOD
VARCHAR2(256)
Table of Indices
Index Name
Table Column
IX1_SX_CONTROL (I1)
CT_CLASSIFICATION
IX2_SX_CONTROL (I2)
CT_CONTROL_METHOD
IX3_SX_CONTROL (I3)
CT_COSO_COMPONENT
IX4_SX_CONTROL (I4)
CT_CREATOR
IX5_SX_CONTROL (I5)
CT_DESIGN_EFFECTIVENESS
IX6_SX_CONTROL (I6)
CT_DOES_THE_CONTROL_OWNER_PERF
IX7_SX_CONTROL (I7)
CT_FREQUENCY_OF_CONTROL_ACTIVI
IX8_SX_CONTROL (I8)
CT_FULLPATH
IX9_SX_CONTROL (I9)
CT_LOCKSTATUS
IX10_SX_CONTROL (I10)
CT_NAME
IX11_SX_CONTROL (I11)
CT_OPERATING_EFFECTIVENESS
IX12_SX_CONTROL (I12)
CT_PARENTFOLDERID
149
Column Name
Description
Native Type
CONTROL_ID
NUMBER(38,0)
CT_ASSERTIONS_CONTROLLED
VARCHAR2(256)
REPORTING _PERIOD
VARCHAR2(256)
Table of Indices
Index Name
Table Column
IX1_SX_CONTROL_ASSERTIONS_
CONT (I1)
CONTROL_ID
IX2_SX_CONTROL_ASSERTIONS_
CONT (I2)
CT_ASSERTIONS_CONTROLLED
Control IT Systems
Physical Name: SX_CONTROL_IT_SYSTEM
Foreign Key: CONTROL_ID
Foreign Key Reference: SX_CONTROL.CONTROL_ID
Indices: 2
Column Name
Description
Native Type
CONTROL_ID
NUMBER(38,0)
CT_IT_SYSTEM
VARCHAR2(256)
REPORTING _PERIOD
VARCHAR2(256)
Table of Indices
Index Name
Table Column
IX1_SX_CONTROL_IT_SYSTEM (I1)
CONTROL_ID
IX2_SX_CONTROL_IT_SYSTEM (I2)
CT_IT_SYSTEM
150
Column Name
Description
Native Type
CONTROL_ID
NUMBER(38,0)
CT_POSSIBLE_TEST_TYPES
VARCHAR2(256)
REPORTING _PERIOD
VARCHAR2(256)
Table of Indices
Index Name
Table Column
IX1_SX_CONTROL_POSSIBLE_
TEST_T (I1)
CONTROL_ID
IX2_SX_CONTROL_POSSIBLE_
TEST_T (I2)
CT_POSSIBLE_TEST_TYPES
Column Name
Description
Native Type
CONTROL_ID
NUMBER(38,0)
CT_SITES_COVERED
VARCHAR2(256)
REPORTING _PERIOD
VARCHAR2(256)
Table of Indices
Index Name
Table Column
IX1_SX_CONTROL_SITES_
COVERED (I1)
CONTROL_ID
IX2_SX_CONTROL_SITES_
COVERED (I2)
CT_SITES_COVERED
151
Test
Physical Name: SX_TEST
Description: This table contains the information relating to the Test compliance object.
Primary Key: TEST_ID
Indices: 8
Column Name
Description
Native Type
TEST_ID
NUMBER(38,0)
TE_ADDITIONAL_DESCRIPTION
VARCHAR2(4000)
TE_CREATIONDATE
DATE
TE_CREATOR
NUMBER(38,0)
TE_DESCRIPTION
VARCHAR2(2048)
TE_FULLPATH
VARCHAR2(1024)
TE_GUIDANCE_FOR_TESTER
VARCHAR2(4000)
TE_LOCKSTATUS
VARCHAR2(256)
TE_MODIFIEDDATE
DATE
TE_NAME
VARCHAR2(4000)
TE_PARENTFOLDERID
NUMBER(38,0)
TE_SAMPLE_SIZE_USED
VARCHAR2(256)
TE_SOXURL
VARCHAR2(4000)
TE_TEST_FREQUENCY
VARCHAR2(256)
TE_TEST_FREQUENCY_OFFSET
NUMBER(38,0)
TE_TEST_PERFORMER
VARCHAR2(4000)
TE_TEST_REVIEWER
VARCHAR2(4000)
152
Column Name
Description
Native Type
TE_TEST_TYPES_EXPECTED
VARCHAR2(256)
TE_TESTING_STEPS
VARCHAR2(4000)
TE_VERSIONID
NUMBER(38,0)
REPORTING _PERIOD
VARCHAR2(256)
Table of Indices
Index Name
Table Column
IX1_SX_TEST (I1)
TE_CREATOR
IX2_SX_TEST (I2)
TE_FULLPATH
IX3_SX_TEST (I3)
TE_LOCKSTATUS
IX4_SX_TEST (I4)
TE_NAME
IX5_SX_TEST (I5)
TE_PARENTFOLDERID
IX6_SX_TEST (I6)
TE_SAMPLE_SIZE_USED
IX7_SX_TEST (I7)
TE_TEST_FREQUENCY
IX8_SX_TEST (I8)
TE_TEST_TYPES_EXPECTED
153
Test Results
Physical Name: SX_TESTRESULT
Description: This table contains the information relating to the Control compliance object.
Primary Key: TESTRESULT_ID
Indices: 11
Column Name
Description
Native Type
TESTRESULT_ID
NUMBER(38,0)
TR_ADDITIONAL_DESCRIPTION
VARCHAR2(4000)
TR_CREATIONDATE
DATE
TR_CREATOR
NUMBER(38,0)
TR_DATE_PERFORMED
DATE
TR_DESCRIPTION
VARCHAR2(2048)
TR_EFFECTIVENESS
VARCHAR2(256)
TR_EXCEPTION_DESCRIPTION
VARCHAR2(4000)
TR_EXCEPTIONS
VARCHAR2(256)
TR_FULLPATH
VARCHAR2(1024)
TR_IS_THIS_A_RETEST
VARCHAR2(256)
TR_LOCKSTATUS
VARCHAR2(256)
TR_MODIFIEDDATE
DATE
TR_NAME
VARCHAR2(4000)
TR_PARENTFOLDERID
NUMBER(38,0)
TR_PERFORMED_BY
VARCHAR2(4000)
TR_PERSON_INQUIRED_OF_
OBSERVED
VARCHAR2(4000)
154
Column Name
Description
Native Type
TR_REVIEWED_BY
VARCHAR2(4000)
TR_REVEWER_CONCLUSION
VARCHAR2(256)
TR_REVIEWER_CONCLUSION_
COMMENT
VARCHAR2(4000)
TR_SAMPLE_SIZE_USED
VARCHAR2(256)
TR_SOXURL
VARCHAR2(4000)
TR_TEST_RESULT
VARCHAR2(256)
TR_VERSIONID
NUMBER(38,0)
REPORTING _PERIOD
VARCHAR2(256)
Table of Indices
Index Name
Table Column
IX1_SX_TESTRESULT (I1)
TR_CREATOR
IX2_SX_TESTRESULT (I2)
TR_EFFECTIVENESS
IX3_SX_TESTRESULT (I3)
TR_EXCEPTIONS
IX4_SX_TESTRESULT (I4)
TR_FULLPATH
IX5_SX_TESTRESULT (I5)
TR_IS_THIS_A_RETEST
IX6_SX_TESTRESULT (I6)
TR_LOCKSTATUS
IX7_SX_TESTRESULT (I7)
TR_NAME
IX8_SX_TESTRESULT (I8)
TR_PARENTFOLDERID
IX9_SX_TESTRESULT (I9)
TR_REVIEWER_CONCLUSION
IX10_SX_TESTRESULT (I10)
TR_SAMPLE_SIZE_USED
IX11_SX_TESTRESULT (I11)
TR_TEST_RESULT
155
Issues
Physical Name: SX_ISSUE
Description: This table contains the information relating to Issues.
Primary Key: ISSUE_ID
Indices: 10
Column Name
Description
Native Type
ISSUE_ID
NUMBER(38,0)
IS_ADDITIONAL_DESCRIPTION
VARCHAR2(4000)
IS_ASSIGNEE
VARCHAR2(4000)
IS_CREATIONDATE
DATE
IS_CREATOR
NUMBER(38,0)
IS_DESCRIPTION
VARCHAR2(2048)
IS_DETAIL
VARCHAR2(4000)
IS_FULLPATH
VARCHAR2(1024)
IS_ISSUE_CREATED_BY
VARCHAR2(4000)
IS_ISSUE_IMPACT
VARCHAR2(256)
IS_ISSUE_PROBABILITY
VARCHAR2(256)
IS_ISSUE_TYPE
VARCHAR2(256)
IS_LOCKSTATUS
VARCHAR2(256)
IS_MODIFIEDDATE
DATE
IS_NAME
VARCHAR2(4000)
IS_PARENTFOLDERID
NUMBER(38,0)
IS_ROOT_CAUSE_DESCRIPTION
VARCHAR2(4000)
IS_ROOT_CAUSE_TYPE
VARCHAR2(256)
156
Column Name
Description
Native Type
IS_SOXURL
VARCHAR2(4000)
IS_STATUS
VARCHAR2(256)
IS_VERSIONID
NUMBER(38,0)
REPORTING _PERIOD
VARCHAR2(256)
Table of Indices
Index Name
Table Column
IX1_SX_ISSUE (I1)
IS_CREATOR
IX2_SX_ISSUE (I2)
IS_FULLPATH
IX3_SX_ISSUE (I3)
IS_ISSUE_IMPACT
IX4_SX_ISSUE (I4)
IS_ISSUE_PROBABILITY
IX5_SX_ISSUE (I5)
IS_ISSUE_TYPE
IX6_SX_ISSUE (I6)
IS_LOCKSTATUS
IX7_SX_ISSUE (I7)
IS_NAME
IX8_SX_ISSUE (I8)
TR_PARENTFOLDERID
IX9_SX_ISSUE (I9)
IS_ROOT_CAUSE_TYPE
IX10_SX_ISSUE (I10)
IS_STATUS
157
Action Items
Physical Name: SX_ACTIONITEM
Description: This table contains information relating to Action Items.
Primary Key: ACTIONITEM_ID
Indices: 6
Column Name
Description
Native Type
ACTIONITEM_ID
NUMBER(38,0)
AI_ACTION_ITEM_TYPE
VARCHAR2(4000)
AI_ACTUAL_COMPLETION_DATE
DATE
AI_ADDITIONAL_DESCRIPTION
VARCHAR2(4000)
AI_ASSIGNEE
VARCHAR2(4000)
AI_BUSINESS_LOCATION
VARCHAR2(4000)
AI_COMMENT
VARCHAR2(4000)
AI_CREATIONDATE
DATE
AI_CREATOR
NUMBER(38,0)
AI_DESCRIPTION
VARCHAR2(2048)
AI_DETAIL
VARCHAR2(4000)
AI_DUE_DATE
DATE
AI_EXPECTED_COMPLETION_
DATE
DATE
AI_FULLPATH
VARCHAR2(1024)
AI_LOCKSTATUS
VARCHAR2(256)
AI_MODIFIEDDATE
DATE
AI_NAME
VARCHAR2(4000)
AI_PARENTFOLDERID
NUMBER(38,0)
AI_PERCENT_COMPLETE
NUMBER(38,0)
158
Column Name
Description
Native Type
AI_PREDECESSOR
VARCHAR2(4000)
AI_SOXURL
VARCHAR2(4000)
AI_START_DATE
DATE
AI_STATUS
VARCHAR2(256)
AI_VERSIONID
NUMBER(38,0)
REPORTING _PERIOD
VARCHAR2(256)
Table of Indices
Index Name
Table Column
IX1_SX_ACTIONITEM (I1)
AI_CREATOR
IX2_SX_ACTIONITEM (I2)
AI_FULLPATH
IX3_SX_ACTIONITEM (I3)
AI_LOCKSTATUS
IX4_SX_ACTIONITEM (I4)
AI_NAME
IX5_SX_ACTIONITEM (I5)
AI_PARENTFOLDERID
IX6_SX_ACTIONITEM (I6)
AI_STATUS
Column Name
Description
Native Type
ACTIONITEM_ID
NUMBER(38,0)
AI_ACTION_ITEM_TYPE
VARCHAR2(4000)
REPORTING _PERIOD
VARCHAR2(256)
159
Table of Indices
Index Name
Table Column
IX1_SX_ACTIONITEM_ACTION_
ITEM_ (I1)
ACTIONITEM_ID
IX2_SX_ACTIONITEM_ACTION_
ITEM_ (I2)
AI_ACTION_ITEM_TYPE
Signatures
Physical Name: SX_SIGNOFF
Description: This table contains information relating to signatures.
Primary Key: SIGNOFF_ID
Indices: 6
Column Name
Description
Native Type
SIGNOFF_ID
NUMBER(38,0)
SI_COMMENTS
VARCHAR2(4000)
SI_CREATIONDATE
DATE
SI_CREATOR
NUMBER(38,0)
SI_DESCRIPTION
VARCHAR2(2048)
SI_FULLPATH
VARCHAR2(1024)
SI_LOCKSTATUS
VARCHAR2(256)
SI_MODIFIEDDATE
DATE
SI_NAME
VARCHAR2(4000)
SI_PARENTFOLDERID
NUMBER(38,0)
SI_SOXURL
VARCHAR2(4000)
SI_VERSIONID
NUMBER(38,0)
REPORTING _PERIOD
VARCHAR2(256)
160
Table of Indices
Index Name
Table Column
IX1_SX_SIGNOFF (I1)
SI_CREATOR
IX2_SX_SIGNOFF (I2)
SI_FULLPATH
IX3_SX_SIGNOFF (I3)
SI_LOCKSTATUS
IX4_SX_SIGNOFF (I4)
SI_NAME
IX5_SX_SIGNOFF (I5)
SI_PARENTFOLDERID
IX6_SX_SIGNOFF (I6)
SI_STATUS
Files
Physical Name: SX_FILE
Description: This table contains information relating to files.
Primary Key: FILE_ID
Indices: 6
Column Name
Description
Native Type
FILE_ID
NUMBER(38,0)
FI_CREATIONDATE
DATE
FI_CREATOR
NUMBER(38,0)
FI_DESCRIPTION
VARCHAR2(2048)
FI_FULLPATH
VARCHAR2(1024)
FI_LOCKSTATUS
VARCHAR2(256)
FI_MODIFIEDDATE
DATE
FI_NAME
VARCHAR2(4000)
FI_PARENTFOLDERID
NUMBER(38,0)
FI_SOXURL
VARCHAR2(4000)
FI_VERSIONID
NUMBER(38,0)
REPORTING _PERIOD
VARCHAR2(256)
161
Table of Indices
Index Name
Table Column
IX1_SX_FILE (I1)
FI_CREATOR
IX2_SX_FILE (I2)
FI_FULLPATH
IX3_SX_FILE (I3)
FI_LOCKSTATUS
IX4_SX_FILE (I4)
FI_NAME
IX5_SX_FILE (I5)
FI_PARENTFOLDERID
Links
Physical Name: SX_LINK
Description: This table contains information relating to files.
Primary Key: LINK_ID
Indices: 6
Column Name
Description
Native Type
LINK_ID
NUMBER(38,0)
LI_CREATIONDATE
DATE
LI_CREATOR
NUMBER(38,0)
LI_DESCRIPTION
VARCHAR2(2048)
LI_FULLPATH
VARCHAR2(1024)
LI_LOCKSTATUS
VARCHAR2(256)
LI_MODIFIEDDATE
DATE
LI_NAME
VARCHAR2(4000)
LI_PARENTFOLDERID
NUMBER(38,0)
LI_SOXURL
VARCHAR2(4000)
LI_VERSIONID
NUMBER(38,0)
REPORTING _PERIOD
VARCHAR2(256)
162
Table of Indices
Index Name
Table Column
IX1_SX_LINK (I1)
LI_CREATOR
IX2_SX_LINK (I2)
LI_FULLPATH
IX3_SX_LINK (I3)
LI_LOCKSTATUS
IX4_SX_LINK (I4)
LI_NAME
IX5_SX_LINK (I5)
LI_PARENTFOLDERID
Milestones
Physical Name: SX_MILESTONE
Description: This table contains information relating to files.
Primary Key: MILESTONE_ID
Indices: 6
Column Name
Description
Native Type
MILESTONE_ID
NUMBER(38,0)
MI_CREATIONDATE
DATE
MI_CREATOR
NUMBER(38,0)
MI_DESCRIPTION
VARCHAR2(2048)
MI_FULLPATH
VARCHAR2(1024)
MI_LOCKSTATUS
VARCHAR2(256)
MI_MODIFIEDDATE
DATE
MI_NAME
VARCHAR2(4000)
MI_PARENTFOLDERID
NUMBER(38,0)
MI_SOXURL
VARCHAR2(4000)
MI_VERSIONID
NUMBER(38,0)
REPORTING _PERIOD
VARCHAR2(256)
163
Table of Indices
Index Name
Table Column
IX1_SX_MILESTONE (I1)
MI_CREATOR
IX2_SX_MILESTONE (I2)
MI_FULLPATH
IX3_SX_MILESTONE (I3)
MI_LOCKSTATUS
IX4_SX_MILESTONE (I4)
MI_NAME
IX5_SX_MILESTONE (I5)
MI_PARENTFOLDERID
164
Parent Object ID
Child Object ID
SX__ENTITY_ENTITY
PARENTENTITY_ID
CHILDENTITY_ID
SX__ENTITY_ACCOUNT
ENTITY_ID
ACCOUNT_ID
SX__ENTITY_SUBACCOUNT
ENTITY_ID
SUBACCOUNT_ID
SX__ENTITY_PROCESS
ENTITY_ID
PROCESS_ID
SX__ENTITY_SUBPROCESS
ENTITY_ID
SUBPROCESS_ID
SX__ENTITY_CONTROLOBJECTIVE
ENTITY_ID
CONTROLOBJECTIVE_ID
SX__ENTITY_RISK
ENTITY_ID
RISK_ID
SX__ENTITY_CONTROL
ENTITY_ID
CONTROL_ID
SX__ENTITY_TEST
ENTITY_ID
TEST_ID
SX__ENTITY_TESTRESULT
ENTITY_ID
TESTRESULT_ID
SX__ENTITY_ISSUE
ENTITY_ID
ISSUE_ID
SX__ENTITY_ACTIONITEM
ENTITY_ID
ACTIONITEM_ID
SX__ENTITY_SIGNOFF
ENTITY_ID
SIGNOFF_ID
SX__ENTITY_FILE
ENTITY_ID
FILE_ID
SX__ENTITY_LINK
ENTITY_ID
LINK_ID
Account Relationships
Table Name
Parent Object ID
Child Object ID
SX__ACCOUNT_SUBACCOUNT
ACCOUNT_ID
SUBACCOUNT_ID
SX__ACCOUNT_ISSUE
ACCOUNT_ID
ISSUE_ID
SX__ACCOUNT_ACTIONITEM
ACCOUNT_ID
ACTIONITEM_ID
SX__ACCOUNT_SIGNOFF
ACCOUNT_ID
SIGNOFF_ID
SX__ACCOUNT_FILE
ACCOUNT_ID
FILE_ID
SX__ACCOUNT_LINK
ACCOUNT_ID
LINK_ID
165
Sub-Account Relationships
Table Name
Parent Object ID
Child Object ID
SX__SUBACCOUNT_SUBACCOUNT
PARENTSUBACCOUNT_ID
CHILDSUBACCOUNT_ID
SX__SUBACCOUNT_ISSUE
SUBACCOUNT_ID
ISSUE_ID
SX__SUBACCOUNT_ACTIONITEM
SUBACCOUNT_ID
ACTIONITEM_ID
SX__SUBACCOUNT_SIGNOFF
SUBACCOUNT_ID
SIGNOFF_ID
SX__SUBACCOUNT_FILE
SUBACCOUNT_ID
FILE_ID
SX__SUBACCOUNT_LINK
SUBACCOUNT_ID
LINK_ID
Process Relationships
Table Name
Parent Object ID
Child Object ID
SX__PROCESS_SUBPROCESS
PROCESS_ID
SUBPROCESS_ID
SX__PROCESS_ACCOUNT
PROCESS_ID
ACCOUNT_ID
SX__PROCESS_SUBACCOUNT
PROCESS_ID
SUBACCOUNT_ID
SX__PROCESS_CONTROLOBJECTIVE
PROCESS_ID
CONTROLOBJECTIVE_ID
SX__PROCESS_RISK
PROCESS_ID
RISK_ID
SX__PROCESS_CONTROL
PROCESS_ID
CONTROL_ID
SX__PROCESS_TEST
PROCESS_ID
TEST_ID
SX__PROCESS_TESTRESULT
PROCESS_ID
TESTRESULT_ID
SX__PROCESS_ISSUE
PROCESS_ID
ISSUE_ID
SX__PROCESS_ACTIONITEM
PROCESS_ID
ACTIONITEM_ID
SX__PROCESS_SIGNOFF
PROCESS_ID
SIGNOFF_ID
SX__PROCESS_FILE
PROCESS_ID
FILE_ID
SX__PROCESS_LINK
PROCESS_ID
LINK_ID
166
Sub-Process Relationships
Table Name
Parent Object ID
Child Object ID
SX__SUBPROCESS_SUBPROCESS
PARENTSUBPROCESS_ID
CHILDSUBPROCESS_ID
SX__SUBPROCESS_ACCOUNT
SUBPROCESS_ID
ACCOUNT_ID
SX__SUBPROCESS_SUBACCOUNT
SUBPROCESS_ID
SUBACCOUNT_ID
SX__SUBPROCESS_CONTROLOBJ
SUBPROCESS_ID
CONTROLOBJECTIVE_ID
SX__SUBPROCESS_RISK
SUBPROCESS_ID
RISK_ID
SX__SUBPROCESS_CONTROL
SUBPROCESS_ID
CONTROL_ID
SX__SUBPROCESS_TEST
SUBPROCESS_ID
TEST_ID
SX__SUBPROCESS_TESTRESULT
SUBPROCESS_ID
TESTRESULT_ID
SX__SUBPROCESS_ISSUE
SUBPROCESS_ID
ISSUE_ID
SX__SUBPROCESS_ACTIONITEM
SUBPROCESS_ID
ACTIONITEM_ID
SX__SUBPROCESS_SIGNOFF
SUBPROCESS_ID
SIGNOFF_ID
SX__SUBPROCESS_FILE
SUBPROCESS_ID
FILE_ID
SX__SUBPROCESS_LINK
SUBPROCESS_ID
LINK_ID
Parent Object ID
Child Object ID
SX__CONTROLOBJECTIVE_RISK
CONTROLOBJECTIVE_ID
RISK_ID
SX__CONTROLOBJECTIVE_CONTROL
CONTROLOBJECTIVE_ID
CONTROL_ID
SX__CONTROLOBJECTIVE_TEST
CONTROLOBJECTIVE_ID
TEST_ID
SX__CONTROLOBJECTIVE_TESTRESUL
CONTROLOBJECTIVE_ID
TESTRESULT_ID
SX__CONTROLOBJECTIVE_ISSUE
CONTROLOBJECTIVE_ID
ISSUE_ID
SX__CONTROLOBJECTIVE_ACTIONITE
CONTROLOBJECTIVE_ID
ACTIONITEM_ID
SX__CONTROLOBJECTIVE_SIGNOFF
CONTROLOBJECTIVE_ID
SIGNOFF_ID
SX__CONTROLOBJECTIVE_FILE
CONTROLOBJECTIVE_ID
FILE_ID
SX__CONTROLOBJECTIVE_LINK
CONTROLOBJECTIVE_ID
LINK_ID
167
Control Relationships
Table Name
Parent Object ID
Child Object ID
SX__CONTROL_TEST
CONTROL_ID
TEST_ID
SX__CONTROL_TESTRESULT
CONTROL_ID
TESTRESULT_ID
SX__CONTROL_ISSUE
CONTROL_ID
ISSUE_ID
SX__CONTROL_ACTIONITEM
CONTROL_ID
ACTIONITEM_ID
SX__CONTROL_SIGNOFF
CONTROL_ID
SIGNOFF_ID
SX__CONTROL_FILE
CONTROL_ID
FILE_ID
SX__CONTROL_LINK
CONTROL_ID
LINK_ID
Test Relationships
Table Name
Parent Object ID
Child Object ID
SX__TEST_TESTRESULT
TEST_ID
TESTRESULT_ID
SX__TEST_ISSUE
TEST_ID
ISSUE_ID
SX__TEST_ACTIONITEM
TEST_ID
ACTIONITEM_ID
SX__TEST_SIGNOFF
TEST_ID
SIGNOFF_ID
SX__TEST_FILE
TEST_ID
FILE_ID
SX__TEST_LINK
TEST_ID
LINK_ID
Parent Object ID
Child Object ID
SX__TESTRESULT_ISSUE
TESTRESULT_ID
ISSUE_ID
SX__TESTRESULT_ACTIONITEM
TESTRESULT_ID
ACTIONITEM_ID
SX__TESTRESULT_FILE
TESTRESULT_ID
FILE_ID
SX__TESTRESULT_LINK
TESTRESULT_ID
LINK_ID
Issue Relationships
Table Name
Parent Object ID
Child Object ID
SX__ISSUE_ACTIONITEM
ISSUE_ID
ACTIONITEM_ID
SX__ISSUE_FILE
ISSUE_ID
FILE_ID
SX__ISSUE_LINK
ISSUE_ID
LINK_ID
168
Parent Object ID
Child Object ID
SX__TESTRESULT_ISSUE
TESTRESULT_ID
ISSUE_ID
SX__TESTRESULT_ACTIONITEM
TESTRESULT_ID
ACTIONITEM_ID
SX__TESTRESULT_FILE
TESTRESULT_ID
FILE_ID
SX__TESTRESULT_LINK
TESTRESULT_ID
LINK_ID
Parent Object ID
Child Object ID
SX__ACTIONITEM_FILE
ACTIONITEM_ID
FILE_ID
SX__ACTIONITEM_LINK
ACTIONITEM_ID
LINK_ID
Milestone Relationships
Table Name
Parent Object ID
Child Object ID
SX__MILESTONE_MILESTONE
PARENTMILESTONE_ID
CHILDMILESTONE_ID
SX__MILESTONE_ISSUE
MILESTONE_ID
ISSUE_ID
SX__MILESTONE_ACTIONITEM
MILESTONE_ID
ACTIONITEM_ID
SX__MILESTONE_FILE
MILESTONE_ID
FILE_ID
SX__MILESTONE_LINK
MILESTONE_ID
LINK_ID
169
Milestone Relationships
Physical Name: SX__ASSOCIATION
Primary Key: None
Indices: 4
Column Name
Description
Native Type
PARENT
Parent resource ID
NUMBER(38,0)
PARENT_CTYPE_ID
NUMBER(38,0)
PARENTTYPE
VARCHAR2(256)
CHILD
Child resource ID
NUMBER(38,0)
CHILD_CTYPE_ID
NUMBER(38,0)
CHILDTYPE
VARCHAR2(256)
CHILD_LEVEL
NUMBER(38,0)
REPORTING_PERIOD
VARCHAR2(256)
Table of Indices
Index Name
Table Column
SX__ASSOC_PARENT_CTYPE_NDX
PARENT_CTYPE_ID
SX__ASSOC_PARENT_NDX
PARENT
SX_ASSOC_CHILD_CTYPE_NDX
CHILD_CTYPE_ID
SX_ASSOC_CHILD_NDX
CHILD
170
Security Tables
Security tables are used to create security reports and implement the SOX Express security
filters inside the reporting frameworks that support this feature.
In the Effective Rights table, all of the permission flags can be set to one of the following
values:
Effective Rights
Physical Name: EFFECTIVE_RIGHTS
Description: This table contains information relating to the users ability to modify the
resource.
Primary Keys: RESOURCEID, ACTORID
Indices: 1
Column Name
Description
Native Type
RESOURCEID
NUMBER(38,0)
ACTORID
NUMBER(38,0)
READACCESS
NUMBER(2,0)
RELATEACCESS
NUMBER(2,0)
WRITEACCESS
NUMBER(2,0)
DELETEACCESS
NUMBER(2,0)
MANAGEACCESS
NUMBER(2,0)
Table of Indices
Index Name
EFFECTIVE_RIGHTS_UN (I1)
Table Columns
ACTORID, RESOURCEID
171
Folders
Physical Name: FOLDERS
Description: This table contains information relating to folders.
Primary Keys: RESOURCEID
Indices: 1
Column Name
Description
Native Type
RESOURCEID
NUMBER(38,0)
FULLPATH
VARCHAR2(1024)
CREATORID
NUMBER(38,0)
CREATIONDATE
DATE
ACLINHERITFROMPARENT
NUMBER(38,0)
Table of Indices
Index Name
FOLDERS_FULLPATH (I1)
Table Columns
FULLPATH
Actors
Physical Name: ACTORINFO
Description: This table contains information relating to users.
Primary Keys: ACTORID
Indices: 1
Column Name
Description
Native Type
ACTORID
NUMBER(38,0)
NAME
VARCHAR2(256)
ADMINLEVEL
NUMBER(38,0)
VARCHAR2(256)
DESCRIPTION
VARCHAR2(1024)
ISIMPORTED
ISHIDDEN
NUMBER(1,0)
Whether the user is shown in user
picklists
NUMBER(1,0)
IMPRTERID
NUMBER(38,0)
OPEDITED
NUMBER(38,0)
172
Table of Indices
Index Name
ACTORINFO_UN (I1)
Columns
NAME
Audit Trails
Audit trail information is represented by a single table that aggregates change events to
compliance objects and the relationships between them.
Audit Trail
Physical Name: SX_AUDIT
Description: This table contains information relating to the audit trails.
Primary Keys: None.
Indices: 3
Column Name
Description
Native Type
RESOURCEID
NUMBER(38,0)
VERSIONID
NUMBER(38,0)
RESOURCE_NAME
VARCHAR2(256)
RESOURCE_TYPE
VARCHAR2(256)
WHO
VARCHAR2(230)
WHEN
DATE
WHICH_PROPERTY
VARCHAR2(256)
ACTION
VARCHAR(7)
OLD_VALUE
VARCHAR2(4000)
NEW_VALUE
VARCHAR2(4000)
CHANGE
VARCHAR2(4000)
Table of Indices
Index Name
Columns
SX_AUDIT_RES_NDX (I1)
RESOURCEID
SX_AUDIT_VER_NDX (I2)
VERSIONID
SX_AUDIT_WHEN_NDX (I3)
WHEN
173
Integrating with
TeamMate
What is TeamMate?
TeamMate EWP (Electronic Working Paper) is an audit management
system developed by PricewaterhouseCooper (PwC) that allows
auditors to increase the efficiency of the entire auditing process.
With Sarbanes-Oxley Express support for exporting and importing data
to and from TeamMate, you can leverage your existing auditing
infrastructure to interface with your SOX Express compliance object
model.
174
TeamMate Equivalent
Procedure
TeamMate Object
Test Result
Test Result
Exception (Issue)
If you have selected a process that does not contain Risks, Controls, or Tests, that
Process will not be exported.
If you have turned on the option to export Tests without Test Results, some of the
selected processes may already have Test Results associated with their Tests and
therefore would not be exported.
Make sure you are clicking the Export button, and not the Export TeamMate Tests
button. Clicking the Export TeamMate Tests button will ignore the selected processes
and compare all processes in the selected business entities with the property criteria
specified in the properties file.
Open a command window on the application server, if one is not already open.
Go to the WebLogic Server OpenpagesDomain directory and run the following
command on a single line:
ObjectManager load config SOXAdministrator <password>
<config-folder-path> <prefix>
Where:
<password> is the password to the SOXAdministrator account.
<config-folder-path> is the folder where the input files for the load process are to be
found (if not specified, they will be loaded from the current directory).
<prefix> is the prefix of the files used by the load process. For example, if the
generated filename of the TeamMate import file is teammate_data-op-config.xml, the
<prefix> value would be teammate_data (without the quotes).
3.
After ObjectManager has completed the command, close the command window.
Compliance
Object Type
Test (SOXTest)
Bundle Name
SOXTestTeammate
Property Name
Teammate Test
Performer
Teammate Test
Reviewer
Test Result
(SOXTestResult)
SOXTestResultTeammate
Teammate Project ID
Teammate Test Result
Conclusion
Teammate Date
Performed
Teammate Date
Reviewed
Issue (SOXIssue)
SOXIssueTeammate
Teammate Issue
Impact
Task (SOXTask)
SOXTaskTeammate
For each of these fields, you must complete the following procedure to display the new field in
SOX Express:
The next step in the process of enabling your new property is to edit the
configTileDefinitions.xml file so that your new property is recognized by the SOX Express
application.
To activate the new property:
1.
2.
3.
Find the definitions section for the compliance object you want to modify, as identified
by the string <object>.prop.body where <object> is the object you want to modify. For
example, if you are modifying a test, the string would be test.prop.body.
4.
5.
Remove the comment tags (<!-- and -->) from the object definition if this is the
first time you are modifying the object.
Modify the <putlist> tag to include the definition for the new property, as in the
example below:
<putList name="property.list">
<add value="test.property.isEffective"/>
<add value="test.property.newProp"/>
</putList>
The order of the property definitions controls the order in which they will be listed on
the object Details page and in the Add and Edit pages. Insert the new property
definition into the spot where you want the property to be listed.
Make sure the name for the new property definition (i.e. test.property.newProp in this
example) does not inadvertently match another property definition already defined for
the object.
Note: When modifying the Business Entity definition (busentity.prop.body), you must
remove the three sample property definition lines from the sample business entity
definition. The lines to be removed are:
<add value="customer.busentity.property.newProp"/>
<add value="customer.entity.property.ExecutiveOwner"/>
<add value="customer.entity.property.PrimaryOwner"/>
6.
Add the definition tag for the new property after the <definition> end tag containing
the <putlist> tag, using the format of the example below. A sample definition tag can
also be found in the XML file. Portions of the example in bold text should be replaced
with text specific to your property.
<definition>
<putList name="property.list">
<add value="test.property.isEffective"/>
<add value="test.property.newProp"/>
</putList>
</definition>
<definition name="test.property.newProp">
<put name="bundle.name" value="TestBundle"/>
<put name="property.name" value="AddedProperty"/>
</definition>
The string test.property.newProp should be replaced with the property name as defined
in the property list (e.g. test.property.teammateTestPerformer). The string
TestBundle should be replaced with the name of your new property bundle (e.g.
SOXTestTeammate). The string AddedProperty should be replaced with the name of
the new property you are adding (e.g. Teammate Test Performer.
After modification, the new property definition should look like this:
<definition name="test.property.TeammateTestPerformer">
<put name="bundle.name" value="SOXTestTeammate"/>
<put name="property.name" value="Teammate Test Performer"/>
</definition>
Make sure you match the spelling and case of the property bundle and property name
exactly. Use the values in the above table to determine the values you should be using
in your new definitions.
7.