« Driving IT Efficiencies and Improving Quality of Service | Main| Lotusphere 2008 »

Seven Steps to ACL Compliance—Part Two: Establish ACL Control Process

This is the second of a seven part series of posts about ACL compliance. Click here to read the first post.

Establish ACL Standards
Establish ACL Control Process
Establish Management Process For ACL Change Requests
Audit and Benchmark Current ACL Landscape
Correct Non-Standard ACL Issues
Monitor and Record ACL Changes
Immediately Remediate All New Non-Standard ACL Issues

What is a Control Process
A control process is a series of documented steps for:
  • Monitoring changes to ACLs
  • Auditing changes to ACLs
  • Managing changes to the ACLs
Documentation must identify which tools must be used, who is responsible for the process, how reports are created and remediation steps should a problem be identified.

Why it’s important Without a documented control process administrators will invent their own methods for auditing and controlling ACLs and each method will be distinctly different. This could again lead to uncontrolled standards compliance.

Standards don’t work without control Without process control, documentation and training, implementing and maintaining standards for ACLs will not work.

Document, document, document Everything must be written down and understood by everyone. Checks must be in place to ensure consistency.

Category  

Posted by Mike Wetherbee On 01/15/2008 | | | |   | del.icio.us  | Technorati  | Digg This 

Post A Comment

Contact Us

Submit Tool Tip

Submit Feedback

Feeds

Custom Button Custom Button

Latest Tweets

Category Cloud

Disclaimer

The views expressed by the authors on this blog do not necessarily reflect the views of Teamstudio, those who link to this blog, or even the author’s mother, father, sister, brother, uncle, aunt, grandparents, cousins, step relations, any other blood relative - and sometimes not even the author himself or herself.

Comments on this website are the sole responsibility of their writers and it is assumed those writers will take full responsibility, liability, and blame for any libel or litigation that results from something written in, or as a direct result of something written in, a comment. The accuracy, completeness, veracity, honesty, exactitude, factuality and politeness of comments are not guaranteed. Oh, how they are SO not guaranteed.
en-us,en;q=0.5OFFCCBot/1.0 (+http://www.commoncrawl.org/bot.html)38.107.179.212www.getthemostfromnotes.comHTTP/1.180Lotus-Domino/tsblog.nsf/d6plinks/TBAN-7AVJZD