Sarbanes-Oxley (SOX) -> SOX compliance is defined by the corporation with reference to a set of internal control frameworks. SOX compliance should be done in the context of an enterprise-wide SOX initiative.
Security (no generic IDs, review of access privileges, enterprise-wide password policy)
Access -> Security -> User Mgmt (unique name for each account, password mgmt)
Access -> Security -> Segregation of duties (Dev has no access to prod, etc.)
Access -> Auditing -> Appl/DB/OS auditing
Change Management (everything should be documented and go through a ticket or change request system)
Changes -> Change Management -> Object Migration/Schema Changes
Changes -> Change Management -> Appl configuration/Schema changes
Changes -> Change Management -> Appl configuration/DB configuration
Changes -> Change Management -> Appl/DB/OS Patches
Operations -> Monitoring & Troubleshooting -> Appl/DB/OS
Operations -> Availability -> Appl/DB/OS