[Baypiggies] The Django admin and SOX compliance

Shannon -jj Behrens jjinux at gmail.com
Wed Dec 9 18:02:57 EST 2020

If you think about being compliant with certain things like SOX, SOC2, ISO
27001/2, one of the things you have to do is get a lot more careful about
who can view and modify data. Consider the idea where you have a Django
admin which allows you to mutate a bunch of the data in your database. Now,
imagine a bunch of customer support agents making use of this Django admin
in order to make changes on an as-needed basis.

Now, imagine you want to add some workflow on top of this. Let's say a
support agent needs to change some row (model object). However, we want
such changes to be approved before making the change.

Do any of you have some advice, guidance, or tool recommendations for this
sort of problem? I know it's a little bit vague, but any advice about the
intersection of the Django admin and SOX compliance would be useful.

I'm happy to talk off-list.


In this life we cannot do great things. We can only do small things with
great love. -- Mother Teresa
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.python.org/pipermail/baypiggies/attachments/20201209/486a0f84/attachment.html>

More information about the Baypiggies mailing list