The only time I have encountered a DBA in this circumstance was at a bank
where there was a requirement to control the creation of fields and files.
This had it's origins in a S/38 environment and was carried into the AS/400
environment.
Norm Dennis
-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx]On Behalf Of Graap, Kenneth
Sent: Thursday, 1 November 2007 12:17 AM
To: Midrange Systems Technical Discussion
Subject: Separation of Duties...
We are in the middle of an IS Audit and the auditor is asking us why we
don't separate the duties of DB Administrator and System Administrator
on our System i platform.
.Historically we have always combined these duties on the System i but
we are now being pressured to come up with a way to separate them.
As anyone else had to do this and if so, how did you define these duties
and set up system security to enforce it?
or ... can anyone share a compelling argument for not separating these
duties?
Kenneth
****************************************
Kenneth E. Graap
IBM Certified Specialist
iSeries Multiple System Administrator
NW Natural (Gas Services)
keg@xxxxxxxxxxxxx
Phone: 503-226-4211 x5537
FAX: 503-721-2518
****************************************
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit:
http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at
http://archive.midrange.com/midrange-l.
midrange.com
