Written by AIJanuary 21, 2024
Elevated user account policy
IT Policy Article
-
Table of Contents
EDC Inc Elevated User Account Policy
This policy outlines the guidelines and procedures for the management of elevated user accounts at EDC Inc. It is designed to ensure the security and integrity of our information systems and to protect the company from potential threats.
Scope
This policy applies to all employees, contractors, consultants, and other workers at EDC Inc who have access to company systems and networks. It covers all user and service accounts in Active Directory, as well as any other systems or applications that require elevated privileges.
Policy
Account Creation
All requests for elevated user accounts must be submitted to the IT Server Build Operations department. The request must include a justification for the elevated privileges and must be approved by the relevant IT Director.
Account Management
Elevated user accounts are managed by the IT Server Operations department. This includes the creation, modification, and deletion of accounts, as well as the assignment of privileges. All changes to elevated user accounts must be recorded in the CMDB inventory management tool.
Account Usage
Elevated user accounts must only be used for the specific tasks for which they were approved. Any misuse of elevated privileges may result in disciplinary action, up to and including termination of employment.
Account Review
All elevated user accounts will be reviewed on a regular basis by the IT Audit and Compliance department. This review will ensure that all accounts are still necessary and that the assigned privileges are appropriate.
Account Security
The security of elevated user accounts is the responsibility of the IT Security Operations department. This includes ensuring that all accounts are protected by strong passwords and that all account activity is monitored for signs of suspicious behavior.
Account Exceptions
Any exceptions to this policy must be approved by the IT Security Operations department and documented in the CMDB inventory management tool. Exceptions may be granted on a temporary basis and will be reviewed by the Change Audit Board (CAB).
Responsibilities
- The IT Server Operations department is responsible for the management of elevated user accounts.
- The IT Server Build Operations department is responsible for processing requests for elevated user accounts.
- The IT Security Operations department is responsible for the security of elevated user accounts.
- The IT Audit and Compliance department is responsible for reviewing elevated user accounts.
- All employees, contractors, consultants, and other workers at EDC Inc are responsible for using elevated user accounts in accordance with this policy.
Enforcement
Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment. In addition, violations of this policy may be reported to the appropriate authorities.
Review and Update
This policy will be reviewed and updated on a regular basis by the IT Audit and Compliance department. Any changes to this policy will be communicated to all employees, contractors, consultants, and other workers at EDC Inc.
Conclusion
The Elevated User Account Policy at EDC Inc is designed to ensure the security and integrity of our information systems. By adhering to this policy, we can protect the company from potential threats and maintain the trust of our customers and partners.
You may also like
Archives
Calendar
| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | 6 | |
| 7 | 8 | 9 | 10 | 11 | 12 | 13 |
| 14 | 15 | 16 | 17 | 18 | 19 | 20 |
| 21 | 22 | 23 | 24 | 25 | 26 | 27 |
| 28 | 29 | 30 | 31 | |||