Professional Documents
Culture Documents
10 Access Control
10 Access Control
10 Access Control
Revision No 1 2 3
16/01/19 22/01/19 02/10/19
The policy ensures that registration and de-registration of IT user accounts for access to IT
networks and systems is conducted in a secure and timely manner and includes the
Purpose
requirements for allocating user account privileges on a need-to-know basis, including when a
user changes their job role.
This policy applies to all IT user accounts allocated to permanent, temporary and contractor
Scope
staff, as well as third parties.
Wilson James IT shall enforce implementation of this policy.
It is the responsibility of the Process Owner to:
- Regularly review content to ensure document is current and up-to-date with current legal
Responsibility and best practice requirements
- Carry out a formal annual review of content to ensure compliance and suitability.
Information Security is the responsibility of every User and with your help and co-operation we
can all contribute to making Wilson James a safe and secure working environment.
Printed copies are uncontrolled
Document
It is the responsibility of the user to ensure that they are using the latest issue of this document
Control
and all referenced forms which are available in the WJ-IMS (Intranet).
IMS-SOP-No.2 Record Control identifies record keeping requirements for all documents used
Record Keeping
within this procedure.
Continuous Please send any process improvement suggestions to the Process Owner who will evaluate and
Improvement implement accordingly.
Associated
ISO27001: 2013
Standards
Contents
Annual Review Record . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
Document Change Record . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
ACCESS CONTROL POLICY...................................................................................................................................4
RESPONSIBILITIES..............................................................................................................................................4
UNIQUE USER ACCOUNTS AND NEED-TO-KNOW ACCESS RIGHTS AND PRIVILEGES.............................................4
NEW USERS........................................................................................................................................................5
STAFF LEAVER....................................................................................................................................................6
STAFF ROLE CHANGES/MOVERS.........................................................................................................................7
REGULAR REVIEWS OF ACCESS RIGHTS AND PRIVILEGES....................................................................................7
PASSWORD RELATED REQUIREMENTS...............................................................................................................7