8.5. SYSTEM SECURITY ADMINISTRATION

System security administration is the process through which an information system is protected against unauthorized access and against accidental or intentional destruction or alteration. How the available logical security controls are administered after the system has been implemented is just as critical as the design of those controls. The majority of systems encountered in practice very likely have less-than-optimal logical security design, which raises the urgency of strengthening the other controls that are available. In some cases, weaknesses in a system's logical security design can be controlled sufficiently through proper deployment of the other logical security controls the system offers. In other cases, the weaknesses cannot be adequately controlled; monitoring controls and procedures should then be implemented to identify potential system violations in a timely manner until the system can be redesigned and reprogrammed to remove the weaknesses. Essential security-related functions performed by a system security administrator include creating user IDs and assigning their associated system access capabilities, deploying system security parameters, and monitoring the system to help prevent and detect potential instances of unauthorized system usage.

When a user ID is first created on a system, the system security administrator should grant the user only those access capabilities authorized by the data owner, ...
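The detective control the section calls for, expressed as a reconciliation of provisioned entitlements against the access the data owner authorized, as an added example that is not part of the book; the user IDs, resources and privileges are constructed sample data:

```python
from dataclasses import dataclass

@dataclass
class Finding:
    user_id: str
    resource: str
    privilege: str
    kind: str  # "unauthorized_grant" or "unused_authorization"

# Constructed sample: access the data owner authorized, user ID -> {(resource, privilege)}
AUTHORIZED = {
    "jsmith": {("payroll_db", "read")},
    "akhan": {("payroll_db", "read"), ("payroll_db", "update"), ("gl_db", "read")},
    "svc_batch": {("gl_db", "read")},
}

# Constructed sample: entitlements actually provisioned on the system
PROVISIONED = {
    "jsmith": {("payroll_db", "read"), ("payroll_db", "update")},  # update never authorized
    "akhan": {("payroll_db", "read"), ("payroll_db", "update")},   # gl_db read authorized but absent
    "svc_batch": {("gl_db", "read"), ("gl_db", "admin")},          # admin never authorized
    "tmp_user": {("payroll_db", "read")},                          # no authorization on file at all
}

def reconcile(authorized, provisioned):
    """Compare what is provisioned against what the data owner authorized.

    Every (user, resource, privilege) present on the system but not authorized is
    reported as an unauthorized grant (a potential violation to investigate);
    every authorization with no matching grant is reported so the owner can
    confirm whether it is still needed. Users are processed in sorted order so
    the report is deterministic.
    """
    findings = []
    for user in sorted(set(authorized) | set(provisioned)):
        have = provisioned.get(user, set())
        allowed = authorized.get(user, set())
        for resource, priv in sorted(have - allowed):
            findings.append(Finding(user, resource, priv, "unauthorized_grant"))
        for resource, priv in sorted(allowed - have):
            findings.append(Finding(user, resource, priv, "unused_authorization"))
    return findings

if __name__ == "__main__":
    for f in reconcile(AUTHORIZED, PROVISIONED):
        print(f"{f.kind:22} {f.user_id:10} {f.resource}:{f.privilege}")
```

Run periodically against an export of the real authorization records and the system's actual entitlement list, the unauthorized_grant findings are the compensating monitoring control for a system whose design cannot yet enforce least privilege on its own.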
