Hitachi

JP1 Version 12 JP1/IT Desktop Management 2 Overview and System Design Guide


4.6.2 Creating user accounts for efficient internal controls

To provide efficient internal controls, you need to register user accounts to restrict the available functions according to the jobs of JP1/IT Desktop Management 2 users. The following table provides an example of a management structure that provides efficient internal controls.

Management structure

Role

System owner

Controls and manages the usage of the system in the organization. The system owner approves applications to use JP1/IT Desktop Management 2, but does not use JP1/IT Desktop Management 2.

User account manager

Manages JP1/IT Desktop Management 2 users. User management permission is assigned.

System administrator

Uses JP1/IT Desktop Management 2 to perform management tasks. System administrator permission is assigned.

Manager

Views managed information to check the management status of the organization. View permission is assigned.

In this structure example, only the user account manager can use JP1/IT Desktop Management 2 from the beginning. The system administrator and manager must apply to the system owner for the use of JP1/IT Desktop Management 2. When the system owner approves an application, the user account manager registers a user account with the necessary permissions assigned.

The following describes the basic procedure for registering a user account. By registering a user account in this way, whether the system is used in accordance with the task of the user can be determined objectively.

  1. A user who wants to use JP1/IT Desktop Management 2 applies to the system owner.

    A system administrator who wants to perform management tasks or a manager who wants to view the managed information applies to the system owner for the use of JP1/IT Desktop Management 2.

  2. The system owner approves the use of the product.

  3. The system owner asks the user account manager to create a user account.

  4. The user account manager creates a user account.

    System administrator permission is assigned to a system administrator. No permissions are assigned to a manager so that he or she can only view information.

  5. The user account manager reports the result of user account creation to the system owner.

  6. The user account manager informs the user that the account has been created.

    The system administrator or manager will be able to use JP1/IT Desktop Management 2 with restricted functions.

  7. Periodical audit is performed to check the registration status of user accounts.

    Audit the application trail and the user account registration status to confirm that the system is being used correctly.