Verification and Compliance › Verification of Authorizations
Verification of Authorizations
Access authorizations must be periodically evaluated and any discrepancies justified. Some of the sources that are used to verify the authorizations are:
- System status displays
- Listing of all users and their authorizations and attributes
- Cross‑reference report of user bypass attributes
- Listing of changes to security definitions
- Listing of access authorizations to critical data sets and other resources
- Spot checking of ACID (using TSSSIM) for certain resource availability
Copyright © 2010 CA Technologies.
All rights reserved.
|
|