Beruflich Dokumente
Kultur Dokumente
2. Scope
This policy applies to all accounts (or any form of access that supports or
requires User/Network ID) on any system that resides at any company facility,
has access to the company network, or stores any non-public company
information.
3. Policy
3.1. General
The ___ is responsible for ensuring that this policy is adhered to.
All authorized users will be provided a unique User/Network account
for their sole use.
All accounts must be uniquely identifiable by an assigned user name.
All accounts must have a password that complies with the Password
Policy.
Accounts will be administered by a Designated Account Administrator
(DAA)
Five types of User/Network accounts are used by the company:
Individual Accounts
Individual accounts are the primary and preferred method of providing
access to the company’s IT resources.
Users are accountable for their actions and can be audited by the
systems to which they have access rights.
Individual users must adhere to the terms and conditions of use set
forth in the company’s policies relating to technology, e-mail, the
internet, and computers.
Sample policy from AAA Technical Writing: Account Management Policy (Version 1) Page 2 of 4
Application-Specific Accounts
An application-specific account controls access to individual
applications available on the network. Access rights and privileges are
programmed/configured within the application.
These accounts must never be used for individual access to the
network itself.
Guest Accounts
A guest account is associated with an account that has a generic ID
rather than an individual User/Network ID (e.g., when a vendor is to be
given access).
Such accounts are intended for temporary (5 day maximum) use by a
visitor who has been authorized by the designated account
administrator or assistant. Guest accounts must be kept to a minimum.
Their access is limited to a list of application programs, and they have,
at most, restricted network access.
Group Accounts
A group account identifies a functional group or organization. It
provides a group of users with a shared User/Network ID to access a
common application or system.
Group accounts are permitted only if:
• There is a demonstrable need to provide “group” access because
the overhead of individual accounts is not acceptable.
• The number of applications accessible is kept to a minimum.
Group accounts are provided with the minimum access privileges
required to meet business needs (e.g., read/write access is not given
when read-only access will suffice).
Group accounts will not be used to permit remote access.
Group account owners are responsible for their correct use at all times,
and must maintain a complete list of staff members that use the
account.
Sample policy from AAA Technical Writing: Account Management Policy (Version 1) Page 3 of 4
4. Version History
Number Date Approved by
1 April 15, 2009 Blair Bolles