Dear George,

I have sent you the docs.

1. Obtain access to the application’s interface (GUI) test environment.

2. Obtain a configuration listing of a typical end user workstation.

3. Determine if the user is required to signon to the workstation.

4. Evaluate the GUI (according to requirements and design documentation ) to determine if the

edits on the system are adequate.

5. Evaluate the middleware connection to the file servers and the mainframe processor from a

security and control perspective.

• Open Data-Link Interface (ODI) drivers

• NET.CFG file

• Link Support Layer file LSL.COM

• Protocol Stacks IPXODI.COM

• NetWare Shell

• SAPs

• DDE

• OLE

6. Determine that any modification to startup files are properly recorded to prevent the key stroke

capture programs from executing.

7. Determine that the workstation is properly protected from Trojan GUIs from running.

Regards,

Rakesh