BMC Sarbanes-Oxley Control Automation: Customer Case Studies
December 7, 2004

Sarbanes Audit Overview

Large Retail Franchise: Asset & Change Management
Issue
Single system of record (Finance, IT, HR, Stores 2500+)

35,000 Pocket PCs, 31,000 Workstations, server**


Accommodate hypergrowth/acquisitions (New Chain in 2004 200+ stores)

Maximize uptime
Reduce impact of viruses, technophobic users, field support, low link bandwidth

License Compliance (purchased vs deployed)


Identify & eliminate unauthorized installations

Security
Reduce number of unauthorized changes (clean up/rollback)
Restrict who can target what to whom during X times
Comprehensive Inventory

Reporting (Schedule, Email, Accuracy/Integrity)


Identify, eliminate, reduce risks

BMC Solutions
Marimba Desktop, Server, Device and Patch Management

Sarbanes Oxley Value


Only Authorized Software
Marimba Configuration Discovery 3,000 (Applications)
Categorize (Dangerous, Unwanted, Allowed, Authorized)
Dangerous software immediately uninstalled upon detection

Ensure anti-virus is up to date and installed on EVERY system


Report repeat offenders/violators
Scanner Extension automatically sends email when reg scanner identifies virus by definition file.

License compliance
Asset Management
System of record
License Tracking (Config Discovery for real time audits)
Easily extensible Reporting

Large Financial Institution: Asset & Change Management
Issue
Single system of record (Finance, IT, HR)
Maximize uptime (70,000 workstations, 10,000 servers, 5,000 ATMs)

Reduce time in queue for down systems


Increase proactive service management (Patch, Software Distribution)
Reduce impact to resources (Tellers, Brokers, Loan officers, Systems)
Traverse secure network environment Low Links (2300)

License Compliance (purchased vs deployed)


Security

Reduce number of unauthorized changes (clean up/rollback)


Restrict who can target what to whom during X times

Reporting (Schedule, Email, Accuracy/Integrity)

BMC Solutions
Remedy HelpDesk & Change Management
AR Server Repository/Workflow
Marimba Desktop, Server and Patch Management

Inventory Value
Establishing a system of record
Software Delivery
Target subsets of your environment (collections)
Report success rate of deliveries
Asset Management
Comprehensive source of information
Easily extensible
License Compliance
Software delivery standard software compliance
standard
Target subsets for application removal

Architectural Overview

Architectural Overview: Data Collection

Reporting Process
Controlled Reports

Reporting Process
Controlled Access

Reporting Process
Controlled & Open Access

Inventory Best Practices & Pitfalls: Scheduling Inventory Scans

[Schedule chart: hourly slots from 12:00 AM to 11:00 PM Pacific. Inventory Scans column: Servers, Branch Workstations, Corp Workstations. Maintenance column: Servers, ATMs.]

Assessing the Readiness of IT:

1. Does the SOX Committee understand the risks in IT systems with compliance to 404?

2. Does IT understand the financial reporting process and its supporting systems?

3. Does the CIO understand the types of IT controls needed to support financial processing?

4. Are policies governing security, availability and processing integrity established, documented and communicated to all members of the IT organization?

5. Are IT's roles and responsibilities related to Section 404 understood by ALL staff?

6. Do members of IT understand their roles, do they possess the skills to perform job responsibilities relating to internal control, and are they supported with appropriate skill development?

7. Is your assessment process integrated with the company's risk assessment process for financial reporting?

8. Does IT document, evaluate and remediate IT controls related to financial reporting annually?
