Re: Politically correct term for four-eyes authorization?

Subject: Re: Politically correct term for four-eyes authorization?
From: Jay Maechtlen <techwriter -at- laserpubs -dot- com>
To: Robert Fekete <fekete77 -dot- robert -at- gmail -dot- com>, TECHWR-L <techwr-l -at- lists -dot- techwr-l -dot- com>
Date: Tue, 23 Jun 2015 23:09:00 -0700

But, presumably, neither originator nor approver would necessarily need to have two functioning eyes?
in total, two or three eyes might be enough?


On 6/19/2015 1:02 AM, Robert Fekete wrote:

Hi,

We have a problem with a term in our product documentation (and the UI as
well), and I'd like to ask for your collective wisdom.

In line with the four-eyes principle, our product can require an authorizer
to approve (and possibly review) the actions of a user. Currently, this is
dubbed four-eyes authorization. The problem is that the "4-eyes" term is
derogatory and should be changed. Possible candidates we found and are
commonly used are "dual control" and "two-person rule", but these are not
as accurate, because in every definition I could find (for example,
http://www.theserverside.com/report/Integration-of-User-Control-Mechanisms-into-Secure-Critical-Applications
), they refer to two users who have the same privileges to perform an
action, but can only do so together. In our setup, this is not the case,
one of the users is who performs the action, and the other approves that.

If any of you works in an IT security or finance-related field, have you
encountered a problem with four-eyes before? (And how did you solve it?)

Thanks a lot for your ideas in advance.

Kind Regards,

Robert Fekete
^^^^^^^^^^^^^^^^^^^^^^^^^^

--
Jay Maechtlen
626 444-5112 office
626 840-8875 cell
www.laserpubs.com


---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Learn more about Adobe Technical Communication Suite (2015 Release) | http://bit.ly/1FR7zNW

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

You are currently subscribed to TECHWR-L as archive -at- web -dot- techwr-l -dot- com -dot-
To unsubscribe send a blank email to
techwr-l-leave -at- lists -dot- techwr-l -dot- com


Send administrative questions to admin -at- techwr-l -dot- com -dot- Visit
http://www.techwhirl.com/email-discussion-groups/ for more resources and info.

Looking for articles on Technical Communications? Head over to our online magazine at http://techwhirl.com

Looking for the archived Techwr-l email discussions? Search our public email archives @ http://techwr-l.com/archives


Follow-Ups:

References:
Politically correct term for four-eyes authorization?: From: Robert Fekete

Previous by Author: Re: updating includetext fields from a macro
Next by Author: Advice on Developing a SMART Goal Tracking Template
Previous by Thread: Re: Politically correct term for four-eyes authorization?
Next by Thread: Re: Politically correct term for four-eyes authorization?


What this post helpful? Share it with friends and colleagues:


Sponsored Ads