You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

4.6.1 - The repository shall comply with Access Policies.

Supporting Text

This is necessary in order to ensure the repository has fully addressed all aspects of usage which might affect the trustworthiness of the repository, particularly with reference to support of the user community.

Examples of Ways the Repository can Demonstrate it is Meeting this Requirement

Statements of policies that are available to the user communities; information about user capabilities (authentication matrices); logs and audit trails of access requests;explicit tests of some types of access.

4.6.1.1       The repository shall log and review all access management failures and anomalies.

Supporting Text

This is necessary in order to identify security threats and access management system failures.

Examples of Ways the Repository can Demonstrate it is Meeting this Requirement

Access logs, capability of the system to use automated analysis/monitoring tools and generate problem/error messages; notes of reviews undertaken or action taken as a result of reviews.

  • No labels