We also do the same. APGM is really nice, especially at Audit time, clear trail and ability to roll back changes and show a clear audit trail on things, which makes accountability a lot easier.
Z Edward E. Ziots, CISSP, CISA, Security +, Network + Security Engineer Lifespan Organization [email protected]<mailto:[email protected]> Work:401-255-2497 This electronic message and any attachments may be privileged and confidential and protected from disclosure. If you are reading this message, but are not the intended recipient, nor an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that you are strictly prohibited from copying, printing, forwarding or otherwise disseminating this communication. If you have received this communication in error, please immediately notify the sender by replying to the message. Then, delete the message from your computer. Thank you. [Description: Description: Lifespan] From: [email protected] [mailto:[email protected]] On Behalf Of Guyer, Don Sent: Monday, September 23, 2013 8:59 AM To: [email protected] Subject: [NTSysADM] RE: Change control....GPO We utilize both Change Control and AGPM. Like some have already said, ones with larger impact have to go through 2 Change meetings first. Low impact ones do not require this. Regards, Don Guyer Catholic Health East - Information Technology Enterprise Directory & Messaging Services 3805 West Chester Pike, Suite 100, Newtown Square, Pa 19073 email: [email protected]<mailto:[email protected]> Office: 610.550.3595 | Mobile: 610.955.6528 | Fax: 610.271.9440 For immediate assistance, please open a Service Desk ticket or call the helpdesk @ 610-492-3839. [Description: Description: Description: Description: InfoService-Logo240] From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of David Lum Sent: Friday, September 20, 2013 10:55 PM To: [email protected]<mailto:[email protected]> Subject: [NTSysADM] Change control....GPO For you guys with a pretty well defined change control process - are incremental GPO changes (in this case we have a GPO that controls IE's trusted sites, I want to add enable auto logon with current credentials for sites in trusted sites) reviewed by people before the change? I'm thinking in larger environments it might be submitted by one person, reviewed and approved by another but not necessarily held until a formal change request meeting is convened? Normally I'd just whip this change out, but I need to think about the accountability process in general. David Lum Sr. Systems Engineer // NWEATM Office 503.548.5229 Confidentiality Notice: This e-mail, including any attachments is the property of Catholic Health East and is intended for the sole use of the intended recipient(s). It may contain information that is privileged and confidential. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please delete this message, and reply to the sender regarding the error in a separate email.
<<inline: image002.jpg>>
<<inline: image003.jpg>>
