Security+ 2008 Unit-18.csv

  1. It is recognized today that COMPUTER SYSTEMS can be as complex
    as building an AIRCRAFT or a SKYSCRAPER. Just as you would not change a PART in an aircraft or make a change in a buildings Plan w/o a full understanding of its consequences and FULL DOCUMENTATION; In the same manner and with the same care; CHANGES in the computer system must be carefully considered prior to implementing them and fully documented in order to prevent NEGATIVE consequences to a company; such as the very value of its STOCK and REPUTATION if there is a perception a company does not know how to MANAGE its Computer Systems.
  2. In this Chapter; CHANGE MANAGEMENT refers to
    a STANDARD-METHODOLOGY for performing and recording Changes during SoftWare Development and System Operation. The METHODOLOGY define steps that endure that System Changes are REQUIRED by the organization and properly AUTHORIZED -DOCUMENTED -TESTED -and APPROVED by Management.
  3. What about recent U.S. Legislation like SABARNES OXLEY (SOX)
    This is a piece of legislation AIMED at REGULATING how FIRMS (i.e. in Wall Street) Manage their information. Although SOX does not mandate specific changes in management methodology; IT DOES MANDATE THAT *IT* PROCESSES BE UNDER THE CONTROL OF *MANAGEMENT* (so they can be held responsible when scandals develope as in Wall Street recently)
  4. The key concept of SEPARATION OF DUTIES (SEGREGATION)
    A foundation for CHANGE MANAGEMENT is the recongnition that involving MORE THAN ONE INDIVIDUAL in a process can REDUCE RISK.
  5. QA
    Quality Assurance
Author
Anonymous
ID
27638
Card Set
Security+ 2008 Unit-18.csv
Description
t
Updated