Quick question for software developers and auditors

Sep. 13th, 2011 02:08 pm
king_pellinor: (Default)
[personal profile] king_pellinor

I've just been asked to verify that two controls over the security of an application we use are operating effectively.

One control is that we restrict developer access to particular people, and the other is that we ensure that the list of people permitted to access it through a certain security portal has been updated properly.

The application is developed by a third party, and we have no developer access at all.  Also, we don't use that security system, as  it's designed for mainframes and we work on Windows.

So as the two controls are utterly irrelevant to the application, are they "operating effectively" or not?

I'm threatened with "further action" if I get this wrong...

  • Add Memory
  • Share This Entry
This account has disabled anonymous posting.
If you don't have an account you can create one now.
HTML doesn't work in the subject.
More info about formatting
 
Notice: This account is set to log the IP addresses of everyone who comments.
Links will be displayed as unclickable URLs to help prevent spam.

Profile

king_pellinor: (Default)
king_pellinor

November 2021

S M T W T F S
 123456
78910111213
14151617181920
2122232425 2627
282930    

Style Credit

Expand Cut Tags

No cut tags
Page generated Mar. 15th, 2026 12:59 pm
Powered by Dreamwidth Studios