Have you thought about journaling the files?  That way the files can still
be changed, but all changes are logged and traceable to a User ID.
Auditors love that knd of stuff.



                                                                                
                    
                    Johnny Helms                                                
                    
                    <Johnny.Helms@rhtelco.c        To:     
MIDRANGE-L@midrange.com                  
                    om>                            cc:                          
                    
                    Sent by:                       Subject:     Re: Programmer 
DFU access           
                    midrange-l-owner@UUCPHO                                     
                    
                    ST.MCS.NET                                                  
                    
                                                                                
                    
                                                                                
                    
                    06/16/00 07:29 AM                                           
                    
                    Please respond to                                           
                    
                    MIDRANGE-L                                                  
                    
                                                                                
                    
                                                                                
                    




The auditor was concerned with both. The main problem I have is that the
data DOES need to be changed, so just securing the files will not help. How
do other shops change actual data in files without using DFU on the
production box?

Johnny Helms

At 12:36 AM 6/16/00 +0000, you wrote:
>Was the auditor's concern that the data could be changed with DFU, or was
>their concern that the data could be changed without a record of the
>change's time, user, or data?
>
>_______________________
>Booth Martin
>Booth@MartinVT.com
>http://www.MartinVT.com
>_______________________
>
>
>
>
>Johnny Helms <Johnny.Helms@RHTelCo.Com>
>Sent by: owner-midrange-l@midrange.com
>06/15/2000 02:32 PM
>Please respond to MIDRANGE-L
>
>
>         To:     MIDRANGE-L@midrange.com
>         cc:
>         Subject:        Programmer DFU access
>
>I am looking for suggestions on how to secure a current production AS/400
>that has programmer's using DFU to change data in files. We do have a
>development system and I thought change management would allow this
>practice to be ended. However, after talking with Aldon, they have no
>suggestions.  The reason I am trying to end this practice is due to an
>Audit we recently had that we failed miserably.
>
>TIA,
>
>Johnny Helms
>Mid-Range Sytems Engineer
>
>+---
>| This is the Midrange System Mailing List!
>| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
>| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
>| To unsubscribe from this list send email to
>MIDRANGE-L-UNSUB@midrange.com.
>| Questions should be directed to the list owner/operator:
>david@midrange.com
>+---
>
>
>
>
>+---
>| This is the Midrange System Mailing List!
>| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
>| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
>| To unsubscribe from this list send email to
MIDRANGE-L-UNSUB@midrange.com.
>| Questions should be directed to the list owner/operator:
david@midrange.com
>+---


+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to
MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator:
david@midrange.com
+---







+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---

As an Amazon Associate we earn from qualifying purchases.

This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.