Home » Auditors

Add new comment

Auditors
Submitted by marius on Thu, 2008-07-10 09:12.

Putting my former auditor hat back on...

The auditor is (or, at least, should be) looking for ways to mitigate a risk that they've identified. For the first step, I'd ask the auditor in question to clearly spell out the risk or implication that they've identified.

Second, in audit terms, there's a concept of a mitigating control. Say management says the risk is acceptable to them, then you would want to demonstrate mitigating technologies/processes/etc. that reduce the risk that the auditor identified for having the root account in place.

Things like audit trails of who uses the root account (maybe you only let local users switch to root through `su` instead of permitting network based logins that you can't identify the source user through), automated tools that reset the root password when someone needs to use the account (i.e., Bob requested root for this purpose, so the system will set the password for him and regenerate/scramble the password after a certain time window), etc.

-M

Reply


*

  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <hr> <dl> <dt> <dd> <h2> <h3> <h4> <pre> <i> <table> <tr> <th> <td> <img> <div> <p> <br> <blockquote> <font>
  • Lines and paragraphs break automatically.
  • Images can be added to this post.
  • Easily link to terms in various wikis or other websites by typing [prefix:term]. Use the "|" character to create a "piped link," e.g., "[w:public transport|public transportation]" displays as "public transportation." For a full list of available prefixes and the websites to which they point, see interwiki.
  • You may use [inline:xx] tags to display uploaded files or images inline.
  • Web and e-mail addresses are automatically converted into links.
  • Web and e-mail addresses are automatically converted into links.
  • Lines and paragraphs break automatically.
  • You may use [inline:xx] tags to display uploaded files or images inline.
  • Images can be added to this post.
  • You may use [inline:xx] tags to display uploaded files or images inline.
  • Easily link to terms in various wikis or other websites by typing [[prefix:term]]. Use the "|" character to create a "piped link," e.g., "[[w:public transport|public transportation]]" displays as "public transportation." For a full list of available prefixes and the websites to which they point, see interwiki.
  • WikiText is converted to HTML (supported WikiText formatting will show in the long tip format).
More information about formatting options
Verify comment authorship
Captcha Image: you will need to recognize the text in it.
*
Please type in the letters/numbers that are shown in the image above.