Announcement:
wanna exchange links? contact me at sapchatroom@gmail.com.
Posted by
Admin at
Reply from DalTecPM on May 16 at 9:11 AM OK, got all the great feedback to "Mary"; here's a practical solution...
Since you own Security, and this is a project, go to the PM and state that the suggested approach is not accepatable and induces Risk and you won't sign off on the approach.
If you are overrulled, make certain the Risk is noted in the Project's Risk log with all the appropriate risk sections filled in.
You are taking your role seriously, so don't quit, stay and make a difference.
| | | ---------------Original Message---------------
From: mhpick1
Sent: Thursday, May 11, 2017 9:43 AM
Subject: ME/MII Software Security
We have consultants in that are making changes in DEV, QA and soon Production for our new ME/MII software.
They are now telling security that we will have to setup all the users and user group permissions in QA and Production and they won't be exported to those clients from DEV.
Before my IBM consultant rolled off the project he said making changes in production is not the best practice.
Is making changes directly into ME/MII production for security normal at other companies?
Thanks,
Mary |
| Reply to this email to post your response. __.____._ |   _.____.__ |
