Access to EDI Data 2675
-
Hello,
I am new to this forum and wondering if I can get some opinion regarding access to EDI data across different business units.
Since we use one EDI software for all business units, developers and EDI analysts have access to all data - PO’s, Invoices, etc., for all BU’s. Is this a violation of SOX Compliance?
Thank you.
-
Depends on the access. Can you provide more detail?
-
Thank you, Cassandra.
Developers and analysts alike are able to view data for all BU’s. So, Canada analysts can view US PO’s and vise-versa. My concern is that we negotiate pricing and contracts on a TP basis. Pricing contract with one TP for one product may not be the same with another TP for the same product. And the PO’s include pricing information that analysts can easily identify and view. worse part is, we have an analyst doing development.
Cheers.
-
The only issue I see here is the analyst performing the developement. Visability to the information, while not the best business practice, is not an issue.