Process Security Testing

1

Connect to the OSCAR main page

1. OSCAR Software Test Version 15, system and DB up and running. 2. OSCAR user is setup and have the correct credentials to login

Oscar Opens

2

Login

1. By entering right credentials user is getting system verification acceptance.

2.Once logged in, user is required to reset password

3

Check for unused accounts

OSCAR System in production

1. Verified that no unused accounts are in the system and all accounts have their properly assigned roles.

2. Very limited users has Admin rights.

1

Connect to the OSCAR main page

1. OSCAR Software Test Version 15, system and DB up and running. 2. OSCAR user is registered and have the correct credentials to login

Oscar Opens

2

Login

1.Oscar welcome page prompts user to Enter credentials (User Name/ Password/Second level password)

2.User remotely logs in with only inputs username and password.

1.Unsuccessful login. Remote login require second level authentication.

2.System audits and logs all logins, successful and failed accessing the Clinical Management System Serve

1

Encrypt back up files.

All files are set up and backed up.

All back up files are encrypted

2

Secure connection for back up files

Encrypted files should be copied using a secure connection

1.Secure Shell (SSH) is being used.

2.Data is to be stored in a secure location on server.

3

Copy encrypted files

Encrypted  files require a secure location

1.Copy encrypted files to an external media device. 2.Verify external media device should also be encrypted.

3.Store copies in two different locations.