What is SOX and why should I care?
In 2002, the US Congress passed the Sarbanes-Oxley Act (SOX) to protect shareholders and the general public from accounting errors and fraudulent practices by businesses. If your business deals with public financial information you need to be able to show that you are SOX compliant.
To be SOX compliant you must have controls in place to ensure that financial data is accurate and protected against loss.
Asynchronous Replication and RPO
One way that businesses protect themselves against data loss is by using asynchronous remote replication methods such as IBM Global Mirror.
IBM Global Mirror will allow you to replicate data at great distances in a consistent fashion. However, the remote data will always be some amount of time behind the production data.
This time period is called the Recovery Point Objective (RPO). Although we would all like to have an RPO of zero, this is not technically feasible with replication at long distances.
Controlling IBM Global Mirror
IBM Globally Dispersed Parallel Sysplex (GDPS) provides additional software and services that can automate many aspects of replication management and recovery.
GDPS collects data about the health of Global Mirror sessions including RPO and puts the data into an SMF record (type 105). Although GDPS does a good job of collecting the data, it really does not provide a way to manage metrics such as the RPO.
If RPO is not managed, it could grow large and a disaster would result in the loss of a great number of transactions. This could irreparably harm the accuracy of your company’s financial records.
IntelliMagic Vision provides you with the means to truly manage your IBM Global Mirror sessions. That means you receive alerts when the RPO exceeds the target and you have the instrumentation at your disposal to find root cause and take appropriate action if that happens. Being able to demonstrate this is especially important in the event of a SOX compliance audit.
With IntelliMagic Vision you can track the key Global Mirror parameters such as RPO and receive alerts if targets are consistently being exceeded. Figure 1 below shows a rated chart for RPO that illustrates this.
In this case we see a warning that RPO is beginning to exceed the target. You should have a process in place to track and investigate situations like this and take corrective action.
Other capabilities within IntelliMagic Vision provide the insight needed to determine root cause and help plan a fix. By showing a SOX auditor this documented process including IntelliMagic Vision for measurement and alerts, you can prove compliance in terms of controlling the currency of your data.
Keep your Sox on!
It can be more than embarrassing if you are caught with your SOX off. Consequences for noncompliance may include fines, imprisonment, or both! That is why you need to establish a set of business practices that demonstrate compliance. IntelliMagic Vision can be a key component of this. Even with the increasingly casual business attire we see today, you will want to keep these SOX on no matter what!
Subscribe to our Newsletter
Subscribe to our newsletter and receive monthly updates about the latest industry news and high quality content, like webinars, blogs, white papers, and more.
Unraveling the z16: Understanding the Virtual Cache Architecture and Real-World Performance | IntelliMagic zAcademy
This webinar will provide detailed z16 insights, including an overview of all key z16 advances and a deep dive into the new cache architecture.
Metro Global Mirror (MGM) Monitoring in GDPS Sites | IntelliMagic zAcademy
This webinar will will provide practical advice about monitoring the recovery point objective (RPO) and factors affecting RPO.
What’s New with IBM DS8900F?
Release 9.1 for the DS8900F storage array contains numerous product improvements that should be interesting and useful to any shop that has DS8900F installed or is considering it.