RSM427H1 Lecture Notes - Lecture 11: Jd Edwards, Physical Security, Quarterly Review
Document Summary
Provide approximately 1-3 sentences of detail to column 1. For deficiencies complete column 3, for test procedures of good controls, complete column 4 (do not complete both 3 and 4) Groups 1 & 2: access to programs and data. Consider controls over user ids and passwords, user access administration, physical security and security policy. State risk addressed, control objective, test of control. When users join the company, the hr department sends a notification to the it department of the date and relevant department. The it department then sends a user authorization form to the user depart(cid:373)e(cid:374)t"s (cid:373)a(cid:374)ager. The form allows the user department manager to list in detail the specific permissions provided in jd edwards as well as the desktop applications that the user should be provided such as office. Access to computer room is controlled by card key. Only employees with a specific job reason has access. Separate operating passwords in place are only available to it staff.