Hi I would like to know if you have any T&C's and other such documentation that would satisfy a SOC Audit? I understand that FreeIPA is Open Source but perhaps there some relevant documentation on this topic. FreeIPA is used by our organisation for access to a key application and as such falls into scope of our audit.
Do let me know if any clarification of the above is required. Or indeed any questions or feedback. I look forward to hearing from you.
Regards Shumel
*Shumel Rahman* Application Manager for Tech +46 760009846
iZettle – Tools to build your business
izettle.com http://instagram.com/izettle
Not directly answering your question but sharing some knowledge ...
Similarly our IPA system falls under certain audit conditions, specifically with regard to user addition/deletion and what goup memberships have been ammended over some period of time (we base our sudo rules on group memberships.) I found all these things are logged by the API to Apache's error log dirctive so it was quite straight forward to see those logs sent over the network to a central log server. Both the web interface and "ipa" commands use the API.
It's not perfect, for example when a user is deleted there is no log as to which groups they were removed from as part of that deletion process - so far though that hasn't been identified as an issue by auditors!
Regards Angus
________________________________ From: Shumel Rahman via FreeIPA-users freeipa-users@lists.fedorahosted.org Sent: Monday, 18 November 2019, 20:18 To: freeipa-users@lists.fedorahosted.org Cc: Shumel Rahman Subject: [Freeipa-users] SOC documentation
Hi I would like to know if you have any T&C's and other such documentation that would satisfy a SOC Audit? I understand that FreeIPA is Open Source but perhaps there some relevant documentation on this topic. FreeIPA is used by our organisation for access to a key application and as such falls into scope of our audit.
Do let me know if any clarification of the above is required. Or indeed any questions or feedback. I look forward to hearing from you.
Regards Shumel
Shumel Rahman Application Manager for Tech +46 760009846
iZettle – Tools to build your business
freeipa-users@lists.fedorahosted.org