Connecting the Dots — How to Combine Sources of Information to Effectively Assess Business Application Controls
Project and Program:
Enterprise Data Center,
Security and Compliance
Tags:
Proceedings,
2017,
SHARE San Jose 2017
Obtaining a realistic assessment of the controls associated with applications hosted by z/OS environments requires combining what is already known (or knowable) about z/OS operations and tracking down how the application really works. All too often, documentation of application controls are devoid of the realities of CICS, external security managers, middleware like DB2 Connect or MQ, schedulers, database architectures/schemas and how users’ sessions are managed across platforms. In this Connecting the Dots -- How to Combine Sources of Information to Effectively Assess Business Application Controls session the speaker will demonstrate how to make the trip from the users’ web pages through the layers of the application, middleware, external security manager and databases to identify the control points and conduct an effective controls assessment.-David Hayes-US Government Accountability Office
Back to Proceedings File Library