MeisterLampe
23rd January 2007, 16:29
Hello dear all,
Has anyone out there experience with software compliance tools? I found only one until now, from a company called ABACUS. Is there any other tool to get?
Regards
Peter.
Francesco
25th January 2007, 10:36
Compliance with what?
Sarbanes-Oxley?
ISO 9001?
The Agile Manifesto?
Venusian Building Codes?
MeisterLampe
25th January 2007, 12:18
Mainly Sarbanes-Oxley, but I'm not really sure what compliance in this relation means. I've been reading the SOX Act, but either I didn't catch the point or there is no point, referring to software tools...
Alex Machado
25th January 2007, 13:35
I need to import a variable of the HTML for Baan. How can I do it?
Francesco
25th January 2007, 14:11
SOX-compliance, oh goody.
http://www.admiralsolutions.biz/blog/2005/10/dirty-sox.html#links
Software is almost by definition not SOX compliant. Then again, there is no such thing as SOX compliancy.
Basically what you need to satisfy your SOX auditors is a solid history of who changed what. This can be as simple as a log file. For instance, SOX does not dictate that you can't use GTM in Baan. After all, the ttaad4100.log will keep track of who used it, when, and why.
Good luck
Francesco
25th January 2007, 14:17
Hello Alex,
This question is probably better suited for the developer's forum and has definitely nothing to do with this thread, but ok:
If you can move the HTML file inside your Baan domain, then you can read it as any other text file and filter out the variable you need.
Assuming that you refer to an actual webpage, you will need another tool or script to load the page from the web into your BSE.
Can be done though.
"I need to import a variable of the HTML for Baan. How can I do it?"
Manbod
3rd February 2007, 16:40
SOX is very clearly related to software licensing in 2 main areas. Control and Management. SOX is clearly not related to Software per se, but more how it is used and how it is licensed. If you have no control over access, or more importantly who had access, then you have both lack of control and poor management.
Don't just think SOX, there are hundreds of laws depending on which jurisdiction you operate in, check it out carefully. If you trade with the US, as we do, we need a SOX program or we lose sales because the buyers have to deal with companies who are SOX compliant.
As far as licenses are concerned, many of which are now user parameter driven, then you not only have compliance issues you have accounting standards issues. For example, our auditors were not happy when we discovered that we had a rather large liability that was not on Balance Sheet, a due diligence matter arose!!
Apart from these issues you should also look at the latest ISO standards on Software License Management (SAM) and maybe look out some recent recommendations from Forrester (An Enterprise Software License Bill of Rights).
I have spent much time looking into the compliance issues and I can assure you it is not something to be taken so glibly. We actually found that we could not only get compliant, meet SOX standards (yes you can have a compliance program) we saved the cost in having spare licenses that were used when we acquired another company and we reduced our maintenance costs.
We also looked out source code on our systems and firstly removed all sorts of stuff left behind by our TP consultants. We found and cataloged all modified code and then negotiated an agreement with Infor to maintain that code for us. This released us to concentrate on all the projects we had that were running behind, so we are happy, the bosses are happy, the auditors are happy, the M&A team are happy, the accounts team are happy.
So, don't treat compliance so lightly, look for the benefits, and ensure you don't try to reinvent the wheel --- use the tools that are available. Yes we used a couple of products from a company that I note are now on the sponsor list.
If anyone needs any advice from someone who has been there and done it, just get in the chain.
Francesco
6th February 2007, 10:39
"SOX is very clearly related to software licensing in 2 main areas. Control and Management."
Yes, we know your sentiments on software licensing. The question was on software compliance though.
"we saved the cost in having spare licenses that were used when we acquired another company and we reduced our maintenance costs."
You mean you had unused licenses when people were "downsized" after a take-over.
"We also looked out source code on our systems and firstly removed all sorts of stuff left behind by our TP consultants. We found and cataloged all modified code and then negotiated an agreement with Infor to maintain that code for us."
You mean you bowed down to SSA and their shady licensing scheme and then accepted their offer to "fix" your situation.
Manbod
7th February 2007, 22:27
I think that maybe you are bitter about something, maybe SSA fired you.
The original question was about software licensing as it related to products from ABACUS. You went off into a lecture on there being no such thing as SOX compliance, and software not being SOX compliant.
As the question was in relation to ABACUS software I tried to show just how a SAM program not only allowed us to build some elements into our SOX compliance program (auditable) but it also had other major benefits.
I am not sure where your statement about downsizing came from. What I pointed out was that by using eXert we managed to instigate a regular management over ACTUAL user access that resulted in us changing some processes that allowed us to free up users within our license numbers. When we acquired two other (ok small) companies we were able to use these 'free' licenses to introduce our systems into them without any cost. As a matter of fact both these companies have received the immediate benefit of ERP and grown substantially, they employ many more people, revenues have grown. I don't think I can relate the word downsizing to the situation at all.
We used Sourcerer to identify source that was actually left behind by a TP consultant who modified some code. We also found instances of source left behind when we did upgrades. We took control using this excellent and very cheap tool so that when WE approached Infor we had already tidied up and knew exactly what we wanted. They were very good about what had happened, especially when we found that the TP consultant did not have the right to the source in the first place. So another message, only use authorised consultants. WE decided to use Infor as the best we could get. They offered us a special maintenance contract to cover the modified code. Our accountants worked out that the cost compared to in-house resource (and buying the source/tools license); or going to a risky TP again, was by far in our favor. A cost/benefit exercise.
So, in answer to the original question about ABACUS compliance tools. They not only help with compliance with licenses, they offer a method of exercising good control and management (SOX) with a benefit that has paid back many times over.
A separate topic really, but we also gained transparency over who used what and when, we closed some security breaches that just cannot be seen in any other way than monitoring the usage. We now review the output from eXert on a regular basis and fix the malpractice instantly. If you think that just upfront security is enough, try the real world. We also intend to run Sourcerer at least monthly to ensure that we have a complete inventory of all objects and where they are used, at all times.