Is self-serve password reset for Windows considered for validation under CFR Part 11?
Would such a tool be considered an extension of Active Directory with functionality for users to reset NT Domain password similar to OS level password reset?
Has anyone installed such a tool - did you IQ/OQ the installation of the tool or just used your existing security policies/SOPs to show control?