The Privileged User Accounts Management Procedure has been designed to describe the process of creating, modifying or deleting privileged user accounts from the Company’s business systems.
1.1 PROCEDURE OWNER
1.3 APPLICABLE REGULATIONS
1.4 RELATED [COMPANY] NORMS AND PROCEDURES
1.6 AUDIENCE AND SCOPE
1.7 DOCUMENT SUPPORT
2. DEFINITIONS & ABBREVIATIONS
3.1 GENERAL TERMS
3.2 ADMINISTRATION OF PRIVILEGED USER ACCOUNTS AND THEIR ACCESS RIGHTS
4. ROLES AND RESPONSIBILITIES
4.1 SYSTEM ADMINISTRATORS
4.2 IT DIRECTOR
4.3 INFORMATION SECURITY DEPARTMENT
4.4 EMPLOYEES WITH PRIVILEGED USER ACCOUNTS
6. FINAL CONSIDERATIONS
6.1 DISCIPLINARY ACTIONS AGAINST PROCEDURE VIOLATION
6.2 DOCUMENT REVISION
7. APPENDIX A – EXAMPLES OF PRIVILEGED ACCESS ACTIONS
The main objective of the Firewalls Administration Procedure is to provide clear rules and guidelines for the design, operation and support of firewalls within Company.
The objective of the Information Security Incident Policy is to set up the foundation of security incidents management in order to minimize the damage and malfunctions, and to monitor and learn from such incidents.