Computer Science

Application Security

   

Project Part 2: Access Controls Procedure Guide

Scenario

Changing access controls can have some undesirable effects. Therefore, it is important to carefully consider changes before making them and provide mechanisms to reverse changes if they have unexpected consequences.

Always Fresh management has asked you to develop procedures for changing any access controls. The purpose of these procedures is to ensure that staff:

Understand and document the purpose of each access control change request

Know what access controls were in place before any changes

Get an approval of change by management

Understand the scope of the change, both with respect to users, computers, and objects

Have evaluated the expected impact of the change

Know how to evaluate whether the change meets the goals

Understand how to undo any change if necessary

Tasks

Create a guide that security personnel will use that includes procedures for implementing an access control change.

The procedure guide must contain the steps Always Fresh security personnel should take to evaluate and implement an access control change. You can assume any change requests you receive are approved.

Ensure that your procedures include the following:

Status or setting prior to any change

Reason for the change

Change to implement

Scope of the change

Impact of the change

Status or setting after the change

Process to evaluate the change

Required Resources

Internet access

Course textbook

Submission Requirements

Format: Microsoft Word (or compatible)

Font: Arial, size 12, double-space

Citation Style: Follow your schools preferred style guide

Length: 2 to 4 pages

  

Self-Assessment Checklist

I created a procedure guide that provides clear instructions that anyone with a basic technical knowledge base can follow.

I created a well-developed and formatted procedure guide with proper grammar, spelling, and punctuation.

I followed the submission guidelines.