412 Networking: A Beginner’s Guided The IT department member responsible for maintenance of the accounting system is responsible for reviewing change request forms, investigating methods
Trang 1412 Networking: A Beginner’s Guide
d) The IT department member responsible for maintenance of the accounting system is responsible for reviewing change request forms, investigating methods of making changes, estimating effort hours or direct costs involved
in making the proposed change, and proposing a test plan for the changes The IT department member will then forward the request with the completed information to the Controller or CFO
e) The Controller or CFO is responsible for reviewing each change request form and approving it The approved change request is then submitted to the IT project manager for the change
f) The IT project manager for the change informs the Controller or CFO and the requestor once the change and any associated testing are complete g) The IT department is responsible for storing completed change request forms and making them available as appropriate to auditors
4) DEFINITIONS
a) Program change: A change in a program that makes up the system Program changes can be vendor-supplied updates or fixes, or changes to programs developed and maintained by Generic
b) Emergency change: A change required to remediate a processing or reporting error within any part of the system, or to remediate an error that makes the system unavailable to users
c) Direct database change: A programmatic change to the data within the ac-counting system database Direct database changes bypass controls within the accounting system
d) Server change: A change to the server computer’s hardware, operating system software, or backup software
5) POLICIES
a) All changes to any of the programs that make up the accounting system will be performed only within this document’s procedures
b) Direct database changes must be performed within this document’s procedures
c) Server changes must be performed within this document’s procedures, except for routine maintenance changes Routine maintenance changes include application of patches for the operating system, review and saving of server operating system log files, performance of routine changes using the system’s built-in tools (such as adding a user or adjusting user permissions), and so forth Routine changes and activities are described in IT-003
d) Emergency changes can be performed prior to documentation; however, emergency changes must be documented afterwards using the Accounting System Change Control form and signed off and stored Documentation of emergency changes must be completed within 30 days of the emergency change
Trang 2Appendix: Understanding the Sarbanes-Oxley Act
6) PROCEDURES
a) A user of the accounting system who desires a change to the system will
com-plete a copy of form IT-FR-006 This form should be submitted electronically
(The IT department can also initiate change requests as appropriate.)
i) The user should clearly describe the change desired When appropriate,
he or she should include mock-ups of the desired change For example,
when requesting a new report, the requestor should mock up how the
report should look when done
ii) The requestor then forwards the IT-FR-006 form to the IT department
member responsible for maintaining the accounting system
b) An IT department Project Manager will be designated Typically, this will
be the individual responsible for maintaining the accounting system
c) The IT Project Manager will review the change request and any attached
examples or illustrations, and will analyze the requested change, including:
i) Viability
ii) Sources of appropriate existing data in the system
iii) Capability of in-house personnel to perform the change or availability of
external personnel to carry out the change
iv) Impacts to integrity of system data or other system programs
v) Impacts to system security
vi) Impacts to disaster recovery procedures
vii) Testing and acceptance procedure(s), including pseudocode when testing
will be primarily programmatic
viii) Estimating effort hours and/or direct costs to perform the change and
testing
ix) Estimating available schedule
d) The IT Project Manager will then print the form and associated information,
sign it, and forward to the Controller or CFO
e) The Controller or CFO is responsible for reviewing each change request
form and approving it The approved change request is returned to the IT
Project Manager
f) The IT Project Manager will then initiate the change and will oversee the
change through to completion, which includes testing and acceptance of the
change as described in the IT-FR-006 form The IT-FR-006 change form is
then stored by the IT department along with any associated documentation
Trang 3This page intentionally left blank
Trang 4A
access, 24 See also Client Access Licenses;
Lightweight Directory Access Protocol;
media access control sublayer;
multistation access unit; permissions;
remote access; wireless access point
Apache web server, 363
CD-DVD, 380, 380–381, 381
floppy drive, 382, 382
modem, 130
Account Is Disabled, 257, 262
Account Is Trusted for Delegation, 262
accounting, 8, 390, 391
accounts payable (AP) process, 395–396,
400–401
Active Directory, 113, 114, 116–117, 248,
248, 300–301
administration
account, 143, 144, 146
Apache web server, 363–364
client/server network, 23
administrator, 6–7 See also administration
ADSL See Asymmetric DSL
Advanced Micro Devices (AMD), 179
AMD See Advanced Micro Devices
analog signal, 82
annual report, 392
antivirus software, 154–155
AP See accounts payable process
Apache HTTP Server Project, 360 Apache Software Foundation, 360 Apache web server, 360
administration of, 363–364 changing configuration of, 363–364 under Fedora Linux, 361, 363 installation of, 361–363 remote access to, 363 testing of, 362–363 web page publication with, 364 apachectl, 363
AppleTalk, 106, 107 application layer, 32 application-based firewall, 74 applications
compatibility of, 202
by department, 213–214 monolithic, 122 network, 212–214 scaling, 218 sharing, 25 user-specific, 214 archive bit, 170 assigned permissions, 144 Asymmetric DSL (ADSL), 83, 85 Asynchronous Transfer Mode (ATM), 86
Index
Trang 5416 Networking: A Beginner’s Guide
ATM See Asynchronous Transfer Mode
attorneys, 393
attributes, 113, 118
audit, 8, 148
committee for, 391
by financial expert, 394
influence on, 392
oversight board for, 390
authentication, 118, 119, 137
automation, 5
B
backbone, 68–69, 219
backbone switch, 34
back-door threats, 149, 152
backticks, 333
backup, 6, 113
client/server network, 22
in disaster recovery plan, 166–171, 397
hardware for, 168, 169
with peer-to-peer network, 22
redundancy in, 168
restoration from, 167–168
rotation strategy for, 169–172
schedule of, 171
server, 188–189, 194–195
in SOHO networking, 60
tapes, 195
types of, 170–171
before upgrading, 231
virtual machine, 388
backup domain controller (BDC), 115, 230
bandwidth, 15–16, 27
low, 304
measurement of, 127, 127
network, 212, 215
plain old telephone service, 84
remote access, 126–127
shared, 41–42
speed by, 220
Token Ring network, 46–47
barrel connectors, 52
Base, 43
base-8 numbering system, 14
base-10 numbering system, 12–13
baseband, 43
bash shell, 332, 333
Basic Rate Interface (BRI), 82
B-channels See bearer channels
BDC See backup domain controller
bearer channels (B-channels), 82
billions of bits per second (Gbps), 15
binary digit, 12
binary numbering system, 13–14
biometrics, 146
bits per second (bps), 15
block devices, 338, 339
BNC connector, 39, 40, 40, 52, 53
bonding, 132
boot loader, 315–316, 316
BorderManager, 135
bps See bits per second
brand loyalty, 200 breakout box, 75
BRI See Basic Rate Interface
bridges, 66 hub, 68 with media access control sublayer, 71, 72 broad traveler, 123
broadband, 43 building, 219
bus topology, 39, 39, 40–41, 54
byte, 12 bytes per second, 15
C
cable plant, 36, 55 cable scanner, 57 cables
breaks in, 56 Cat-5E, 35, 42, 47 Cat-6, 35 Category 3, 34–35, 42 Category 5, 34–35, 42
coaxial, 36, 48, 52, 53, 55, 56–57
contractor for, 54–55 crossover, 51 Ethernet, 49 fiber-optic, 48 installation of, 54 mapping out of, 57 network, 30 nonplenum, 53 patch, 49 plenum, 53 problems with, 55–57 RS-232C, 75 self-made, 51 shielded twisted-pair, 47, 48–49 for SOHO networking, 61 Token Ring network, 49
twisted-pair, 48, 48–50, 49, 51, 52 unshielded twisted-pair, 47, 48, 48–49
wiring of, 62 calculator, 14
CALs See Client Access Licenses
capacity planning, 217–218 Carrier Sense Multiple Access with Collision Detection (CSMA/CD), 46
cat command, 348
Cat-3 See Category 3 cable Cat-5 See Category 5 twisted-pair cable
Cat-5E cable, 35, 42, 47 Cat-6 cable, 35 Category 3 (Cat-3) cable, 34–35, 42 Category 5 (Cat-5) twisted-pair cable, 34–35, 42