Procedure Step: Authorizing Access
Audit Step:
1. Obtain agency policies and procedures for authorizing access to information resources and documenting such authorizations for the application.
2. Obtain an understanding of how the agency determines what access an employee will have to the application and who is responsible for determining the access level. Obtain a listing of individuals with Administration Rights.
3. Determine how the agency monitors access, investigates apparent security violations, and takes appropriate remedial action.
4. Determine if an access path diagram has been established. Such a diagram identifies the users of the system, the system on which these resources reside, and the modes of operation and telecommunications paths.
Purpose:
To obtain an understanding of how access to the system is determined and at what levels access can be restricted.

