The objective of the Password Security Policy is to establish the minimum rules and requirements that must be enforced in order to ensure that strong passwords are created and protected by all Company’s users and systems.
The effectiveness of this policy is entirely dependent of passwords being kept confidential at all times by the owner.
CONTENT
1. OVERVIEW
1.1 PROCEDURE OWNER
1.2 CLASSIFICATION
1.3 APPLICABLE REGULATIONS
1.4 RELATED [COMPANY] NORMS AND PROCEDURES
1.5 OBJECTIVES
1.6 AUDIENCE AND SCOPE
1.7 DOCUMENT SUPPORT
2. DEFINITIONS & ABBREVIATIONS
3. REQUIREMENTS
3.1 PASSWORD RULES
3.2 PASSWORD SELECTION AND USER GUIDELINES
3.3 DEFAULT PASSWORDS
3.4 PASSWORD STORAGE
4. PASSWORD RESET PROCEDURE AND SECURE PASSWORD DISTRIBUTION
4.1 PASSWORD RESET FOR ACTIVE DIRECTORY
4.2 ASSESSMENT OF COMPLIANCE WITH PASSWORD RULES
5. RESPONSIBILITIES
5.1 USER
5.2 REQUESTOR
5.3 APPLICATION ADMINISTRATOR
6. EXCEPTIONS
7. FINAL CONSIDERATIONS
7.1 DISCIPLINARY ACTIONS AGAINST PROCEDURE VIOLATION
7.2 DOCUMENT REVISION
Pages: 12
This bundle contains all the products listed in the Identity and Access Management section. Take advantage of the 25% OFF when buying the bundle!
The Cryptographic Control Policy intends to draw the general principles acceptable to the Company for the usage of cryptography.
The Email Usage Policy was developed by Company in order to allow the secure and effective use of the electronic mail (e-mail) service inside and outside Company. This policy set the standard for appropriate behavior of a Company employee when using the e-mail service and this applies to all employees.
Review Password Security Policy.