Todd, In our company, because our application is a SOX app, the development staff cannot have write access to production. We have full access to our Dev/Test environments, but cannot have a write license in production at all. This means that we were forced to develop processes and procedures to allow Admins to deploy our changes to production because the ability to do that ourselves violates SOX requirements. This effectively ensures you have a minimum of 2 environments.one where you make your Dev changes, and a second that is production. Ideally you also have a Test in between which is where you designated 'movers' can test out your migration directions from Dev to Test.then repeat them again in Prod when the time is appropriate.
From: Action Request System discussion list(ARSList) [mailto:[email protected]] On Behalf Of Arner, Todd Sent: Friday, August 05, 2011 1:31 PM To: [email protected] Subject: Separation of Admin and Development Duties ** We have been given a directive to separate the Remedy Development and Administrative functions. Basically, we have been instructed to come up with a way to ensure that no one person can make development changes and also be able to set up users accounts. We currently split the roles between two groups so that no one person is doing both, however, since the developers and admins have Administrator privileges, there is nothing stopping either from performing all functions. Does anyone else out there have a similar requirement? If so, can you share your solution? I am just not seeing a way to do this. Or maybe I just don't want to see the way. :) Seems to me both rolls need to have Administrator privileges to complete their tasks. Any insight is greatly appreciated. ARS 7.5 p7 MS SQL 2005 Windows 2003 SP2 Thanks, Todd Arner Great Lakes ---------------------------------------------------------------------------- ---- The information contained in this communication may be confidential, is intended only for the use of the recipient(s) named above, and may be legally privileged. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution, or copying of this communication, or any of its contents, is strictly prohibited. If you have received this communication in error, please notify the sender immediately and destroy or delete the original message and any copy of it from your computer system. If you have any questions concerning this message, please contact the sender. ============================================================================ ==== _attend WWRUG11 www.wwrug.com ARSlist: "Where the Answers Are"_ _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug11 www.wwrug.com ARSList: "Where the Answers Are"
