Computer's Screen Saver being activated... 1609

  • Is there a set amount of minutes before a company’s computer’s screen saver kicks in and the computer gets locked out? Our company has set up 15 minutes of inactivity before our computers lock-up and then a password is needed to log back in. I have tried to get this time increased but without any luck.

  • Hi and welcome to the forums 🙂 … The SOX 404 IT based standards won’t specify an exact time limit on this. It is a best practice to lock workstations if no mouse or keyboard activity has taken place in a specified amount of time (usually varying from 10-30 minutes based on standards I’ve seen in the past). It’s intended so that no one will use your workstation while you’re away from your desk.
    Our corporate standard is 10 minutes at work, and the 15 minute period is a fairly standard setting used by many IT security professionals.

  • Puhleese :roll:

  • Puhleese :roll:
    I agree.
    In other words, this is not a SOX (financial reporting) control.

  • In other words, this is not a SOX (financial reporting) control.
    True - Companies will work in non-SOX related security improvements many times after evaluating IT controls. They may even put items like the screensaver controls within the umbrella of SOX controls.
    On this post, I can even see some relevancy on IT related needs, as folks that don’t lock their workstations might have a physical security exposure. Still, this is a best security practice everyone should be doing, regardless of SOX regulations 🙂

  • Harry makes a good point in that many times companies will work in other best practice controls as part of their SOX efforts. I am not opposed to this as long as those tangent controls are not deemed primary controls and subject to the same testing and documentation standards that we generally apply to the SOX-related controls. This only adds more work onto the teams charged with keeping documentation current and performing effectiveness testing of controls.

Log in to reply