Our auditors would indeed insist that the inactive session is not suspended by the screensaver at the desktop because the session is really between the mainframe and the terminal emulator not all the way to the person at the keyboard. The screensaver suspends the session between the person and desktop program.
/Tom Kern Marcy Cortes wrote: > Here's an example of one such policy > "A session must be suspended after a period of inactivity not to exceed > fifteen minutes. Reauthentication must be required to resume the session." > > Now, one could argue that all the desktops/laptops have this capability, but > some auditors will read this as needed on each system that has the ability to > authenticate. One can argue (and likely lose), or just setup velocity > tunefrc or the perftk equiv. We use FORCE DISC which is kinder, gentler. > > > Marcy