02-15-2008 12:07 PM
02-15-2008 12:13 PM
>
> Can some one help me for designing blue print for FICO security
What kind of help do you want?
What is your role in the project/company that needs this security?
What have you done so far?
02-15-2008 12:17 PM
I need to build a road map for designing the security structure .
I have consolidated the list of all the transaction and users that will be using the system +
I wanted to know different best practices for designing the security for these users so that i can analyse the best one suited for me
02-15-2008 12:39 PM
>
> I have consolidated the list of all the transaction and users that will be using the system
Ah, now that may not be enough.
To understand what there is to be secured and which functionality is to be given to users you actually need to know the various processes in scope as well as the (job)roles the different users perform. The actual transactions and unames are the least of your worries.
Step by step I suggest you to:
Determine the different processes.
Determine all separate steps in each process and the necessary transactions per step. (The transaction lists can help in designing single roles)
Determine the different jobroles and their participation in (parts of) the processes. (these can determine the composite(s) per job)
Once this has been done the security risks have to be determined and evaluated in combination with above processes and steps.
With the outcome of the last step you can determine which part of the security needs can be met with authorizations and which part needs to be taken care of by adjusting the processes.
At the end of this (give it a few weeks if you have the right resources) you should have a functional design from which you can create a technical design and, with that, build roles, have them tested and get them to production.