Académique Documents
Professionnel Documents
Culture Documents
S. Access Control Logical Application Group Application Users System / application administrator Application Group- rights & privileges Application Users- rights & privileges Audit trail / Logs Report from application Maker / Checker Access to application key files & folders Application password policy Generic users User Ids & Password hard coded in any scriptsDocumentation Super user passwords in sealed envelop Application version Application patches testing and procedure followed Input data validation for key fields. Sign off document
Application Exception reports Data base Data base Group Data base Users Data base administrator Data base Group- rights & privileges Data base Users- rights & privileges Audit logging Auditing of data base administrator. Log shipping Access to log files Access to archival log files Access to DB home directory Data base password policy Database hardening Data base version Data base patches Data base licenses Generic users User Ids & Password hard coded in any scripts Documentation Super user passwords in sealed envelop Review of database user access rights - guidelines Back end access Back up offsite storage BCP & Disaster recovery setup Testing of BCP & Disaster recovery setup Monitoring of online replication from DC to DR
Log monitoring DB,OS - How , frequency Operating system Application, Database, Web application. Operating system Group Operating system Users Operating system administrator Operating system Group- rights & privileges Operating system Users- rights & privileges Audit logging Auditing of Operating system administrator. Log shipping
Access to log files Access to archival log files Access to OS directory Operating system password policy Operating system hardening Operating system version Operating system service pack / hot fixes Operating system licenses Generic users User Ids & Password hard coded in any scripts Documentation Super user passwords in sealed envelop Review of OS user access rights - guidelines Clock synchronisation Application , DB ,Web Servers part of domain
User Access Management application User Access Management data base User Access Management Operating system Interfaces between other applications documentation Data upload Test environment Segregation of duties - Access to production setup Developer Documented Operating critical procedures Various processes