2

What's the best way to confirm to an auditor that a change made to any permission in Exchange was actually made by a legitimate admin with an approved change ticket?

We were recently asked to implement Manage Engine's "Exchange Reporter Plus" and to set it up so that it notifies the whole team of any change to permissions on any account. The person responsible for making that change is then supposed to respond to the email to say why the change was made and what the ticket number was. That will satisfy the auditors, they say.

But that is a REALLY laborious process to dig up a ticket number and email it out to the team for every single change. Surely other companies have this requirement and have come up with better solutions, right?

Keith
  • 311
  • 6
  • 19
  • To clarify - the idea is that if an unauthorized change is made to an account, the team will be notified and able to investigate it. So just having a ticket requesting the changes is not enough. – Keith Jan 15 '19 at 14:48

1 Answers1

-1

It seems related to “ManageEngine Exchange Reporter Plus” application.

Please check if there is any related build-in report to do this. https://www.manageengine.com/products/exchange-reports/help/index.html

If it needs custom report, I think it is better to work with the vendor.

Shaw Lu
  • 339
  • 1
  • 4
  • Thanks but we're just using Manage Engine to be notified of changes made to the environment. It's a process problem - how do you verify that a change made was actually made by an authorized person? Is this flurry of emails the right way to go? It just feels wrong to me and I think others must have faced the same question for their auditors. – Keith Jan 16 '19 at 13:20