IT Access Control Policy Procedure| ITSD106
Included in these items:
IT Policies and Procedures Manual $ 595.00Add To Cart More >> |  |
IT Security Policies / Acceptable Use Policies $ 99.95Add To Cart More >> |  |
IT Access Control Policy
IT Access Control PolicyThe IT Access Control Policy Procedure prevents unauthorized access to—and use of—your company’s information. IT Access Control Policies and Procedures ensures your information’s security, integrity and availability to appropriate parties. The IT Access Control Policy Procedure applies to all company information and to all storage access methods. (14 pages, 2495words)
IT Access Control Responsibilities:
The Human Resources Manager is responsible for reviewing requirements for access (with Information Technology Managers) and Access Control Policy user training.
Information Technology Managers are responsible for reviewing access requirements, convening the Security Review Committee to review the Plan, and verifying updates to the Plan.
The Information Technology Security Manager is responsible for developing an Access Control Policy Plan, presenting the Plan to the Security Review Committee for review, communicating the Plan to Human Resources, monitoring the Plan, revising the Plan, as needed, and enforcing the Plan.
The Security Review Committee is responsible for reviewing and approving the Plan.
Users are responsible for knowing and following the Plan.
IT Access Control Policy Definition:
Access control – Enforcement of specified authorization rules based on positive identification of users and the systems or data they are permitted to access (or, providing access to authorized users while denying access to unauthorized users).
IT Access Control Policy Procedure Activities
IT Access Control Policy Procedure Activities- Planning IT Access Control Policy
- IT Access Control Plan
- IT Access Control Plan Review
- IT access Control Plan Update
IT Access Control Policy Procedure References
- ISO/IEC Standard 27002:2013- Information Technology-Code of Practice for Information Security Management
- IEEE 802.1X- Port-Based Network Access Control Standard
- IEEE Special Publication 802.12- An Introduction to Computer Security- The NIST Handbook
IT Access Control Policy Procedure Forms
- IT Access Control Plan Form
- IT User Access Control Database Form
- Access Control Log Form
- User Account Conventions Form
