Application Administrator Access
Many of these same questions are found on the user interface requirements page but it is important to consider the same questions for administrators since they can access more of the system and have greater privileges.
How will administrators connect to the system? Will they use web browsers or software on their local computers?
What functions will administrators need to perform?
Will different roles be available to administrators so different groups will have different privileges?
How will the roles be defined, who will set them, and will the system prevent escalation of privileges?
What data will the administrators need to enter into the system?
What information will the administrators need to see?
How will the administrator be identified? Do they need a login account? If there is an account for the administrator:
How will administrator accounts be created? Who authorizes account creation and the allowable privileges? Who creates the account?
How will administrator accounts be removed? If someone changes job roles are appropriate changes made? Who removes the accounts?
How are passwords reset? Is an administrator adequately identified when they request a password to be reset?
Is there an account management plan defining how accounts are created, deleted, suspended, or how passwords are reset? Does it define who authorized changes to accounts and how this is enforced?
When the administrator logs in is the account information that is sent to the server adequately encrypted or hashed?
How is administrator account information stored? Is it encrypted adequately?
What protocol is used to authenticate the administrator? (Windows Domain, Novell)
How are privileges controlled? Settings in database or other method?
Should account activities (logins, logoff, execution of privileges) be logged or monitored?
If administrator activities are logged, can accounts be deleted? Accounts may not be deleted but only suspended if administrator activities are logged.