Information Technology E-Commerce Multimedia Marketing-Advertising: Linda S Sturgeon

Sarbanes-Oxley Compliance E-Commerce Tracking - Reporting System for Harry and David Company, OR

Developed for E-Commerce Department, Harry and David Company, Medford Oregon. Together with another programmer, we analyzed, designed and implemented a complex Sarbanes-Oxley compliant system of tracking and reporting.

This system allows an auditor to track any code from business request to final deployment of code in production. From the work order request (see high level overview diagram below), the tracking system creates a job to which all ChangeLists are attached. The tracking follows all email regarding the job, contains the original work order and developer checklist, follows through software quality assurance to check in of developer code, and finalizes with the build processes in final sync of code to the production server by deployment script (which also automatically time stamps the job and closes it). The high level system diagram (below) gives a very bare basic framework; there is immense complexity in every component.

The requirement gathering and analysis included my personally installing my own upgrades for Websphere (WSAD), Perforce and DBVisualizer, as well as acquiring proficiency skills to use the programs to perform work requests to program code (primarily JSP, Javascript) for Administrator Console tools and Harry and David online catalog pages. A thorough working knowledge of Perforce was essential for analysis and to write code to manifest the Job within Perforce and how the deployment script would write to the Job. The reporting system works by querying Perforce and output can be made to MS Access, Excel, Crystal Reports and other tools.

Requirement gathering was a process of constant interaction with developers, software QA (testing), and build master, as well as getting information from head of SOX compliance, emails, and User Services Group. We worked closely with the E-Com manager and the entire team to produce a very thorough SOX compliance system that will easily facilitate and pass the auditing process.