image

Data Security – CRUD or CRUDE Matrix

A CRUD or CRUDE matrix is a useful way to capture and display activities and permissions within a system. You can use a CRUD matrix to observe how Processes handle Data or Resources. It is very valuable to combine a CRUD(E) Matrix with the Analysis of User Processes within the System, especially in the Context of the Actors and Roles involved to complete the Picture.

CRUD(E) is an Acronym that refers to the following actions on an object (Data/Resource etc):

  • Create – Create and Store
  • Read – Select, Retrieve and Read
  • Update – Change, Edit or Modify
  • Delete – Truncate, Delete, Purge or Remove
  • Execute – Execute or Run

When the CRUD(E) Matrix shows the links between Process and Data, it is known as Data CRUD(E) Matrix.
When the CRUD(E) Matrix shows the links between Process and Resource, it is known as Resource CRUD(E) matrix.

Example:

 CreateReadUpdateDeleteExecute
Accountant-1XXXXX
Accountant-2XXX X
Accountant-3XX  X
Accountant-4XX  X

Leave a Reply

Your email address will not be published. Required fields are marked *

10 + 13 =