HP 3000 Manuals HP 3000 Manuals
Appendix B The Security Maintenance Checklist
This checklist is provided to assist you in reviewing your account and
system security.
1. __ Do all accounts have passwords?
2. __ Have all default passwords been changed?
3. __ Are there procedures to ensure quarterly system password
changes?
4. __ Are passwords changed when employees leave the organization?
5. __ Do special capability users (PM, SM, OP, AM, NM, and NA) have
user passwords?
6. __ Are user passwords unique in accounts accessible by more than
one person?
7. __ Is SM capability restricted to one person per system and AM
capability to one person per account?
8. __ Do all groups with PM have restricted save access (no
SAVE:ANY)?
9. __ Are programs protected from unpriviledged users?
10. __ Is there an updated list of all released files?
11. __ Is there a logon or NOBREAK UDC at system and account level to
restrict MPE access?
12. __ Is there NOLIST and NOHELP on data sensitive UDCs?
13. __ Are embedded passwords removed from all jobstreams?
14. __ Are system installation files removed?
15. __ Is there a procedure for positive identification from callers
requesting access to the system?
16. __ Are there hard copy printouts of console messages?
17. __ Is the system console and tape drive restricted to operation
personnel only?
18. __ Is the data center audited quarterly?