|
Hello, I would like to mention: BPCS does NOT require any user to have *ALLOBJ authority to run the product. Even when it was recommended to use the SSA group profile for users enrolled in BPCS this was not true. Nor do we any longer require or recommend that the user enrolled in BPCS should have an SSA group profile for any currently supported version of the product including BPCS 4.05 CD. Be aware that any user can update BPCS data via use of their PC even if they do not have command line access by use of ODBC connections - so it is not secure if your AS/400 is linked to your PC network. There are BMRs out there (please see the archives for more on this topic) delivering recompiled KRSO objects so that User Profile *OWNER is used, and to secure the command line from adopting too much authority. These BMRs ship with README instructions explaining how to use the recompiled objects, along with an understanding and use of iSeries security features, in order to properly protect your BPCS data files. Thanks, Genyphyr Novak SSA GT R&D message: 2 date: Tue, 22 Feb 2005 14:18:36 -0500 from: Lisa.Abney@xxxxxxxxxxxxxxxxx subject: Re: [BPCS-L] Sox&BPCS Danny ... We passed our first Sarbanes Oxley audit in December with flying colors. It was a LOT of work, but the work was on the development side ... change control, developer access to objects, etc. ... nothing to do with BPCS. (And we are on 4.05 ... not a particularly current version!) The only thing they really questioned about BPCS was the fact that that release runs with users having all object authority, but once we documented for them that that was a requirement of the software, and that we control the risks by the other security features we have in place (users not having command line access, etc.), that was acceptable. Is there something in particular your auditors are questioning, with regards to BPCS? Lisa D. Abney Manager Development Support Sensient Technology Phone: (317) 240-1418
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.