Skip to Content
0
Former Member
Nov 05, 2012 at 09:32 PM

Change control for security roles

73 Views

Can people share their workflows for changing (or creating) a security role?

- do you have a concept that only authorized requesters can request changes to security roles?

- who approves? role owners? role owners plus functional area or transaction owners? does the security team manager need to approve?

- how are details and approvals captured? email? a request form? ticket-system?

- do you have SLAs or lead-time requirements? if so what are they?

Hoping to compare notes here. Many security roles at my client will be redesigned and we need processes to make sure they stay securely built. right now, basically everything is handled with emails and inconsistent approvals.

thanks...