SOX Auditing on BPC 7.0
We are in the process of rolling out BPC 7.0 and have run into some SOX auditing issues. The team leveraging the software is not large enough to segment roles in order to fulfill the segregation of duties requirement. Because of this, it looks like we are going to have to use IT resources, to push changes into production, in order to mitigate the finance team being able to make changes and having the ability to move them to production.
All of this can be subverted if we can find a way to implement a robust logging mechanism. From what I have heard, BPC does not have the ability to track changes to logic files.
Does anyone know of a way to track logic changes?
How are other companies meeting SOX logging and segregation of duties requirements?
Are there any third part tools that can handle SOX compliance for us?