Aug 30 2019
04:00 AM
- last edited on
Feb 01 2023
09:15 AM
by
TechCommunityAP
Aug 30 2019
04:00 AM
- last edited on
Feb 01 2023
09:15 AM
by
TechCommunityAP
Hello
We recently had an audit from one of our clients, some of the actions they wish us to implement regarding Access Control principles are as follows.
Customer are required to develop controls/procedures/policies in place to demonstrate:
The above would not be a problem in a large organisation but we have 5 employees with access to the system. I am the global admin and administrate the environment as well as working normally.
The other people in the office are not that tech savvy so how would we address the above points?
Regards
Jim
Sep 18 2019 01:49 PM
What they are asking for is overkill in my opinion. My recommendation would be to keep everything open/read only access for internal users. For specific content allow contribute/full control. This would reduce your administration. For private content your users can use there OneDrive accounts. Keep it off the Intranet. @Ormesherg