Planning user security

When you plan user security, it is essential that you describe:

User group security

A user group is a group of users who need to use the same applications in the same way. Planning user group security involves determining the workgroups who plan to use the system and the application needs of those groups.

Individual user security

Individual user profiles contain security-related information for each user on the system. Your individual user security planning will determine how the user signs on to the system, what the user is allowed to do after signing on, and how the user's actions are audited.

You might find these planning forms helpful when planning user group and individual user security:

• Use the Physical security planning worksheet to describe any security issues that are related to the physical location of your system unit and attached devices.
• Use the User group identification worksheet to identify groups of users who have similar application needs.
• Use the User group description worksheet to describe the characteristics of each user group.
• Use the System responsibilities worksheet to create a list of everyone that has access to your system that has a user class other than *USER.
• Create group profiles by filling out a User profile worksheet for each user group that is on your system, recording information about individual system users.