Testing IT Security 16
SOX-Migration last edited by
I am currently involved in testing General Computer Controls as part of a 404 compliance exercise. My question is - how far do I need to go in testing operating system parameters, user ids, etc? A full on Windows NT or Novell security review could easily take several days depending on the level of detail. Would this be overkill?