In this article, Carol describes the system values, user profile attributes, and access control settings she'd recommend that auditors pay attention to.
By Carol Woodbury
I’m dedicating this article to auditors. I’ve found that many auditors have either never heard of IBM i or, if they have, don’t know how to audit it properly—that is, they miss key elements, or they use checklists developed 10 or more years ago, and the settings to be compared are often irrelevant or inaccurate. The capabilities of this operating system are vast, and the need to ensure the security principles of confidentiality, availability, and integrity apply just as they do on other operating systems. Let's take a look.