Security Management Guide (G06.29+, H06.08+, J06.03+)
Contents
Security Management Guide — 522283-021
vi
8. Concerns for the EDP Auditor
Search List Hazards 7-19
Suggestions for Dial-Up Users 7-20
Concerns for the OSS Environment 7-20
File Security 7-20
Altering File and Directory Permissions 7-21
Group Permissions 7-21
Default File Security 7-22
.profile File Security 7-22
8. Concerns for the EDP Auditor
System Files 8-1
Application Programs and Files 8-1
Utilities 8-1
The Super ID 8-2
Privileged IDs 8-2
Segregation of Duties 8-2
The User Community 8-2
Dial-Up Access 8-3
Network Security 8-3
Password Management 8-3
User Expiration 8-4
$CMON 8-4
Permissive Security 8-4
User Knowledge of File Security 8-5
CLEARONPURGE 8-5
Licensed Programs 8-5
PROGID Programs 8-5
Security Event Exits 8-6
A. Sample Policies
Sample Policy 1 A-1
Scope A-1
Controls A-1
Responsibilities A-1
Review A-2
Sample Policy 2 A-2
Corporate Information Security Policy A-2