The IT User Access Control Database Log Template keeps track of user ID, department, password, access privilege, and more. Users should have direct access only to services and information that they have been specifically authorized to use. Unless expressly authorized, access to all resources and services is denied. The Information Technology Security Manager should maintain ITSD106-2 IT USER ACCESS CONTROL DATABASE for that purpose.
Users must secure their equipment if it is to be unattended for any length of time. Screen locks should automatically activate after 15 minutes of inactivity (users may set screen locks to activate sooner and they should be allowed to activate screen locks immediately, if desired). All communications to external (i.e., Internet-based) resources by way of the company Information Technology network should be restricted to authorized users. Users should apply for permission to access external resources and access should be authorized on a case-by-case basis.
Format: Microsoft Word 2013 (.docx)
Manual: IT Policies and Procedures Templates
Category: IT Security & Disaster Recovery
Procedure: IT Access Control Procedure ITSD106