The normal SOX-type ones come to mind: * Identifying separation of duties (one user can not develop report/universe changes and have access to migrate through Dev/QA/Staging/Production environments)
* Ensuring account access is terminated to Dashboards/Analytics within an acceptable amount of time after termination * Ensuring roles/permissions are established and managed as to which users have access to sensitive data and ensuring users don't have blanket access to all objects/reports even those outside of their defined role. This one is challenging if you have stringent compliance standards as Analytics doesn't ship with any permissions designed for the OOB reports and you'll have to create them per your requirements. * Ensuring users are not accessing the system via shared accounts/service accounts. * Ensuring user password management for BOXI/Dashboards meets corporate standards (force reset on given interval (if required), password complexity standards, etc.) Nathan Aker ITSM Solution Architect McAfee, Inc. From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Pankaj Malik Sent: Friday, May 25, 2012 8:51 AM To: arslist@ARSLIST.ORG Subject: Challenges faced by Remedy Administrator during IT audits ** Hello All, I am writing a whitepaper on BMC Dashboard and Analytics. Kindly, help by sharing what challenges, normally, are faced by a remedy administrator during IT audits or reviews. Look forward your feedback. Thanks in advance. -- Warm Regards, Pankaj Malik Executive, Marketing Vyom Labs Pvt. Ltd. BSM Solutions & Services || ITIL Consulting & Training Aditi Samruddhi, Baner, Pune-411045, India. Telephone: +91-20-6632-1087 || Board Line: +91-20-6632-1000 Email: pankaj.ma...@vyomlabs.com<mailto:%20pankaj.ma...@vyomlabs.com> || Web Site: www.vyomlabs.com<http://www.vishvavidya.ac.in/> _attend WWRUG12 www.wwrug.com<http://www.wwrug.com> ARSlist: "Where the Answers Are"_ _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are"