1. The system, database, and/or application administrators shall create user accounts only upon approval of System Access Request by authorized personnel (e.g., user manager/supervisor/IAM/IAO).
2. The system, database, and/or application administrators shall determine user privileges required to perform their job functions.
3. The system, database, and/or application administrators shall configure the system software (e.g., operating system, database, and application) through which users read or modify data to perform job functions, in accordance with the DISA STIGs applicable to the software and based on least privilege and need to know.
4. The administrators shall configure the audit trails and transaction logs to capture user access to the software/application.
5. The administrators shall configure the system to display and generate audit reports for regular reviews or immediate reviews upon system security events.
6. The system administrator shall research and determine whether the system software provides the capability of notifying users of the time and date of the last change in data content, and perform the following:
a. If the system provides the capability, the system administrator shall enable the capability.
b. If the system does not provide the capability, the administrators shall implement other means (e.g., scripts) in the system to notify users of the time and date of the last change in data content.
7. The system administrator shall generate and review the audit trails and the transaction logs on a regular basis or immediately upon system security events.