|
Access Control Policy
Policy No: 1.02
Printable Version
PURPOSE
The purpose of the Access Control Policy is to ensure that
access to information,
computer systems and networks owned
or managed by The Fake Chicken Company are available to all authorised
personnel. The policy also deals with preventing
unauthorised access through managed controls, thus creating
a secure computing environment.
SCOPE
This policy affects all
users of
computer systems and networks owned or managed by
The Fake Chicken Company.
POLICIES
1.1.1 Users are
only authorised to access information and systems that they
have been granted privileges for. Any other access in
considered unauthorised and is a violation of this policy.
Help with Understanding this Policy
....and more
1.2.1 Personal
Digital Assistants (PDAs), mobile computers, laptops,
handheld devices, USB smart drives, CF Cards, smart phones
or any other device must not be able to connect to The Fake
Chicken Company’s
internal computer systems or networks...
Computer Systems and Equipment Use Policy
Help with Understanding this Policy
....and more
Top
1.3 Preventing
Unauthorised Access
1.3.1 Any persons
using The Fake Chicken Company’s computer systems and networks are prohibited
from gaining unauthorised access...
Computer Systems and Equipment Use Policy
....and more
2.1.1 Access control standards for information systems
must be established by senior management
...
....and more
2.2.1 Before any
third party is given remote access to The Fake Chicken
Company
computer systems and
networks, a
Remote Access Application Form must be
completed and approved by an authorised senior manager of
The Fake Chicken Company. Internal third party
users
must sign the
form at the back of the Acceptable Use Policy.
Remote Access Policy
Remote Access Agreement
Remote Access Application Form
....and more
Top
2.3.1 The
Fake Chicken Company
management reserves the right to revoke the privileges...
Explanation
This policy gives management latitude
when it comes to making a decision about privilege
revocation should a user abuse their privileges.
Disciplinary actions may also result, depending upon the
severity of the deed.
....and more
2.4.1 Management
must promptly report all significant changes in user duties
...
Explanation
User privileges
must promptly be disabled if an individual has been
terminated, transferred, promoted, put on leave without pay,
or otherwise no longer in the same position...
Special Access
Policy
....and more
Top
3.1.1 A special
type of user ID which has high level system privileges will
be granted to
users who need to change the security state of
systems.
Special Access Policy
....and more
3.2.1
Individuals or organisations who do not fall into the
category of employee, contractor or consultant must not be
assigned a user ID or given privileges to use company
computer systems and resources unless the written approval
of the IT Manager has first been obtained.
Network Management Policy
Remote Access
Policy
....and more
3.3.1 All
The Fake Chicken Company
information systems privileges must be promptly terminated...
Information Management
Policy
....and more
3.4.1 The
Fake Chicken Company is
required to use access controls and other security measures
to protect the confidentiality, integrity and availability...
Top
....and more
3.5.1 Remote administration of servers or personal computers is permitted
providing additional security is used...
Remote Access Policy
....and more
© 2004 All
Rights Reserved Kaon
Security Ltd |
BS 25999 Standard
No Match 
