Announcement:
wanna exchange links? contact me at sapchatroom@gmail.com.
Posted by
Admin at
Reply from mhpick1 on May 16 at 1:02 PM Thanks for the pep talk DalTecPM.
I did tell them that training must be done with the security roles we created and not
with developers accounts. One of the GBPO's then agreed that is the correct way
to process. So they will be testing in QA with security roles they will have in production.
Also they are now going to move our security roles from QA to Productions.
Two wins so far.
Mary
| | | ---------------Original Message---------------
From: DalTecPM
Sent: Tuesday, May 16, 2017 9:10 AM
Subject: ME/MII Software Security
OK, got all the great feedback to "Mary"; here's a practical solution...
Since you own Security, and this is a project, go to the PM and state that the suggested approach is not accepatable and induces Risk and you won't sign off on the approach.
If you are overrulled, make certain the Risk is noted in the Project's Risk log with all the appropriate risk sections filled in.
You are taking your role seriously, so don't quit, stay and make a difference. |
| Reply to this email to post your response. __.____._ |   _.____.__ |
