IT Account and Access Procedure

Size: px
Start display at page:

Download "IT Account and Access Procedure"

Transcription

1 IT Accunt and Access Prcedure

2 Revisin Histry Versin Date Editr Nature f Change 1.0 3/23/06 Kelly Matt Initial Release

3 Table f Cntents 1.0 Overview Purpse Scpe Passwrds User Requirements Technical Requirements Prcedural Requirements Bad Passwrd Practices: Passwrd Self Service Accunt Management Accunt Taxnmy Granting Access Administrative Accunts: Administrative Accunt Passwrd Requirements: Tw-factr authenticatin fr Administrative Accunt:. Errr! Bkmark nt defined. 5.4 Temprary Privilege Accunts: Reevaluatin f System Access Revking Access Enfrcement Related Plicies, Prcedures, and Cdes f Cnduct Appendix A: Active Directry Passwrd Cnfiguratin... 5 Appendix B: IT Accunt and Access Prcedure Exceptin... 6

4 1.0 Overview All individuals wh access the University f Nrthern Clrad s cmputing infrastructure have a respnsibility t safeguard these systems and data. User accunts and passwrds are tw mechanisms thrugh which this is accmplished. This prcedure establishes the rules by which user accunts and passwrds shuld be managed and used n any cmputing resurce belnging t the University. 2.0 Purpse The ability t access infrmatin and/r applicatin systems within UNC s cmputing envirnment must be based n clearly defined business requirements. This dcument aids in establishing clear definitin fr accunt and passwrd management. 3.0 Scpe This Prcedure applies t emplyees, cntractrs, cnsultants, temprary emplyees, and ther wrkers at UNC including all persnnel affiliated with third parties. This Regulatin applies t all equipment that is wned r leased by UNC. 4.0 Passwrds Passwrds are an imprtant frm f prtectin used t ensure that the University s infrmatin is stred and prcessed in a secure manner. Due t this, passwrds must be defined and implemented in accrdance with a minimum set f standards. This sectin establishes the rules by which passwrd shuld be assigned and used n any cmputing resurce belnging t the University 4.1 User Requirements Users are respnsible fr all activity perfrmed with their individual user-id. User-IDs may nt be utilized by anyne the individuals t whm they have been issued. Users must nt allw thers t perfrm any activity with their user-ids. Similarly, users must nt perfrm any activity with IDs belnging t ther users. Users must chse their wn passwrds. They shuld nt be easily guessed but easy enugh fr the user t remember withut writing it dwn. Users are respnsible fr maintaining the security f their passwrds. Passwrds shuld NEVER be shared, written dwn, r stred electrnically. If a user must write a passwrd dwn, it shuld never be written n smething that can be assciated with the user (i.e. business cards). If passwrds need t be stred electrnically an encryptin schema that is apprved by the Office f Infrmatin Security must be used. (See Appendix B IT Accunt and Access Prcedure Exceptin) The sharing f a single user ID r assciated passwrd amng several users is prhibited Prir t receiving an accunt, all users must sign a statement acknwledging that they have received and reviewed the university s IT acceptable user regulatin. Access t varius types f infrmatin may be blcked. Individuals will be required t btain apprpriate apprval prir t being allwed access. Individuals accessing university data withut a valid business need may be subject t disciplinary actin. If a user believes their passwrd has been cmprmised, the user shuld cntact the UNC Technical Supprt Center immediately fr assistance. 4.2 Technical Requirements Persnal cmputers shall have a screen saver passwrd set t autmatically engage after 10 minutes f inactivity. Where technically feasible all systems will at a minimum prmpt fr user ID and emply passwrds fr accunt access. All accunts must be disabled after 5 unsuccessful lgn attempts. Where technically feasible passwrd cmplexity must be prgrammatically enfrced. Passwrds must be a minimum f 9 characters lng fr all user accunts. Page 1 9/26/2006

5 Passwrds shuld nt be displayed in plain text n the mnitr when entered. Where technically feasible single-sign-n technlgy shuld be used. Passwrds must cntain characters frm at least three f the fllwing fur classes: Upper case letters Lwer case letters Numeric (0 t9), this shuld nt be the first r last character One special character, this shuld nt be the first r last character Where technically feasible a passwrd histry f 14 passwrds must be retained t limit passwrd reuse. Where technically feasible the minimum passwrd age shall be 1 day. User accunts must change passwrds every 90 days. Users must be able t change their wn passwrd independent f any external party. 4.3 Prcedural Requirements Administrative accunts must fllw the prcedures identified in sectin TSC persnnel must verify the identity f a user prir t resetting the passwrd. Identity verificatin may be dne by using vic call back r by sme ther apprved frm f identity verificatin. A system administratr must manually unlck accunts. New accunts r accunts fr which a passwrd has been reset must be set t expire at the next lgin attempt. Passwrds must nt be embedded in scripts r applicatin cde and will nt be used in URL passing. Fr internet applicatin, separate the delivery f user ID and passwrds is required. All new r reset passwrds must meet cmplexity rules and be randmly generated. N cmmn r default passwrds will be used. N default system and applicatin passwrds are allwed. Passwrds exempted frm regular changing must have an apprved exceptin. Exceptins must be apprved by the Office f Infrmatin Security and the apprpriate directr fr the respective IT unit. The passwrd will be a minimum f 12 characters (r the maximum permitted by technlgy, whichever is less) in length. Upn renewal f the exceptin, the passwrd must be changed. User accunts with nn-expiring passwrds are prhibited. 4.4 Bad Passwrd Practices: The fllwing are sme examples f practices and behavirs that can result in weak r bad passwrds. Under n circumstances shuld individuals use passwrds that utilize the fllwing: Passwrds that match the accunt ID Passwrds that cntain the user accunt wner s name, first middle r last. Passwrds that cntain the users bear ID r Scial Security number Any vendr r prduct name Any cnsecutive r repeating keybard characters e.g. 123, jkl Individuals are strngly urged t nt use the fllwing when creating there passwrds: The name f a fd, celebrity, sprt r sprts team IT Accunt and Access Prcedure Wrds that are fund in cmmn dictinaries English r therwise Using sequential passwrds Passwrds that cntain family member r pet names Page 2 9/26/2006

6 4.5 Passwrd Self Service Passwrd Self Service is a pwerful and very useful tl. This technlgy can reduce supprt csts and significantly reduce supprt calls. The benefits frm these tls are significant. Hwever, due t the very pwerful nature f these tls precautins must be in place t guard against misuse and abuse. The fllwing are base level guidelines that a passwrd self service slutin must meet. Servers and systems used t prvide passwrd reset activities must be sufficiently secured and have limited well defined access rights. All passwrd reset related activities must be handled via an encrypted channel At n pint in the passwrd reset prcess shuld any data used t reset passwrds be passed in clear text. Infrmatin gathered and used t perfrm passwrd resets must be sufficiently unique t the given individual. Infrmatin that a large number f individuals may have in cmmn shuld nt be used t reset user passwrds. Infrmatin gathered and used t perfrm passwrd resets must nt be easily guessed r easily btained. Examples include but are nt limited t the fllwing: Mthers maiden name Data f birth Place f birth Favrite Clr 5.0 Accunt Management User accunts are the primary frm f digital identity and access t UNC cmputing resurces. As such, it is vitally imprtant that these digital identities be managed in a cnsistent fashin. The fllwing utlines accunt management practices fr the University f Nrthern Clrad. 5.1 Accunt Taxnmy The fllwing naming standards will be used fr all accunts created within the universities cmputing envirnment. User accunts: first name.last name Administratr accunts: last.admin Service accunts: unique descriptin.service (In additin t a standard descriptins a primary cntact must be defined and dcumented in a descriptin r cmments field fr the accunt. The primary cntact shuld be defined by psitin as well as name.) 5.2 Granting Access Netwrk access must be granted based n business requirements. Privileges will be granted nly when there is a legitimate need. User accunts require prper authrizatin prir t being established. T maintain individual accuntability and system integrity, user IDs must be unique within and acrss cmputing platfrms. Each cmputer and cmmunicatin system user-id must uniquely identify nly ne user. Shared r grup user-ids are permitted nly when the use f a unique user-id is nt feasible. Exceptins must be dcumented and apprved by management and the Office f Infrmatin Security. 5.3 Administrative Accunts: Each request fr administrative rights will be made in writing and will include the fllwing: Justificatin fr the need fr the accunt Line management apprval Page 3 9/26/2006

7 Infrmatin Security Office apprval IT Management apprval Administrative Accunt Passwrd Requirements: Accunts that have elevated privileges must adhere t the fllwing passwrd requirements: All administrative, technical supprt accunts, and accunts deemed t have privileged access must change there passwrd every 45 days. These accunts, where technically feasible, must make use f a 14 character passwrd. Passwrd, where technically feasible, must cnsist f uppercase, lwercase, numbers, special characters, and extended ASCII characters. 5.4 Temprary Privilege Accunts: Temprary privilege accunts will be re-evaluated every 6 mnths. Temprary privilege accunts will nly be issued at the discretin f the UNC Infrmatin Security Office with the apprval f IT management. Duratin f such accunts will be negtiated based upn the business need and nly when there is n viable alternative slutin. These accunts will be limited in functin, allwed nly t perfrm the required task/s. Prjects: When privileges are granted fr a particular prject, these privileges will be revked at the cmpletin f the prject. 5.5 Reevaluatin f System Access System privileges shuld be reviewed n a peridic basic. Accunt and privileges that n lnger apprpriate must be prmptly revked. All user accunts that have been inactive fr 60 cnsecutive days will be reviewed, disabled, and deleted frm the system as necessary. New accunts nt activated within 14 days must be disabled. 5.6 Revking Access The fllwing guidelines specify the requirements fr separatin f emplyees and cntractrs. User accunt shall be immediately disabled upn separatin frm the university. As part f the separatin Human Resurces will submit a request t the TSC t have the accunt disabled. Reactivating an accunt that has been disabled will require the user t fllw the initial request prcess. 6.0 Enfrcement Thse fund t have vilated this regulatin may be subject t suspensin f cmputer access privileges. 7.0 Related Plicies, Prcedures, and Cdes f Cnduct. All applicable laws and University plicies, regulatins and prcedures bind UNC students and emplyees. UNC Acceptable Use Regulatin: Page 4 9/26/2006

8 Appendix A: Active Directry Passwrd Cnfiguratin Active Directry Passwrd Plicy Setting: Plicy Enfrce passwrd histry Maximum passwrd age Minimum passwrd age Minimum passwrd length Passwrd must meet cmplexity requirements Stre passwrds using reversible encryptin Setting 14 passwrds remembered 90 days 1day 9 characters Enable Disabled Accunt Lckut Settings: Plicy Accunt lckut duratin Accunt lckut threshld Reset accunt lckut cunter after Setting lckut until unlcked by admin 5 invalid lgn attempts 30 minutes Page 5 9/26/2006

9 Appendix B: IT Accunt and Access Prcedure Exceptin IT Accunt and Access Prcedures exceptin can nly be granted after a security review and with applicable functinal area directr apprval. Exceptins will nly be granted in cases where there is a well justified need and business case fr nt adhering t IT Security Prcedures. Mitigating cntrls will be required in any case were an exceptin t this prcedure is granted. These cntrls must be apprved by the Office f Infrmatin Security and dcumented in this frm. Exceptins are granted fr a maximum f 12 mnths but can be granted fr intervals shrter then 12 mnths. Upn expiratin f an exceptin a review will be cnducted with the requester and the validity f the exceptin examined. If the exceptin is still deemed necessary and prudent the requester must submit a new exceptin frm fr the new time perid. Passwrds fr the accunt must be changed at the expiratin f any given exceptin. Requester: Psitin: Department: Accunt Name: Technical Reasn fr Exceptin: Business Justificatin: Security Requirements and Mitigating Cntrls: Security Apprval Print Name: Sign: Date: Unit Directr Apprval: Print Name: Sign: Date: Exceptin Terminatin (Max 12 Mnths): Page 6 9/26/2006

5.2.1 Passwords. Information Technology Policy. Policy. Purpose. Policy Statement. Applicability of this Policy

5.2.1 Passwords. Information Technology Policy. Policy. Purpose. Policy Statement. Applicability of this Policy Infrmatin Technlgy Plicy 5.2.1 Passwrds Plicy Area: 5.2 Security Title: 5.2.1 Passwrds Issued by: Assistant Vice-President/CIO, ITS Date Issued: 2006 July 24 Last Revisin Date: 2011 Octber 19 Apprved by:

More information

Christchurch Polytechnic Institute of Technology Access Control Security Standard

Christchurch Polytechnic Institute of Technology Access Control Security Standard CPIT Crprate Services Divisin: ICT Christchurch Plytechnic Institute f Technlgy Access Cntrl Security Standard Crprate Plicies & Prcedures Sectin 1: General Administratin Dcument CPP121a Principles Infrmatin

More information

VCU Payment Card Policy

VCU Payment Card Policy VCU Payment Card Plicy Plicy Type: Administrative Respnsible Office: Treasury Services Initial Plicy Apprved: 12/05/2013 Current Revisin Apprved: 12/05/2013 Plicy Statement and Purpse The purpse f this

More information

Security Services. Service Description Version 1.00. Effective Date: 07/01/2012. Purpose. Overview

Security Services. Service Description Version 1.00. Effective Date: 07/01/2012. Purpose. Overview Security Services Service Descriptin Versin 1.00 Effective Date: 07/01/2012 Purpse This Enterprise Service Descriptin is applicable t Security Services ffered by the MN.IT Services and described in the

More information

University of Texas at Dallas Policy for Accepting Credit Card and Electronic Payments

University of Texas at Dallas Policy for Accepting Credit Card and Electronic Payments University f Texas at Dallas Plicy fr Accepting Credit Card and Electrnic Payments Cntents: Purpse Applicability Plicy Statement Respnsibilities f a Merchant Department Prcess t Becme a Merchant Department

More information

Norwood Public Schools Internet & Cell Phone Use Agreement School Year 2015-16

Norwood Public Schools Internet & Cell Phone Use Agreement School Year 2015-16 Yu must read and agree t fllw the netwrk rules belw t use yur netwrk accunt r access the internet. Nrwd Public Schls makes available t students access t cmputers and the Internet. Students are expected

More information

Hillsborough Board of Education Acceptable Use Policy for Using the Hillsborough Township Public Schools Network

Hillsborough Board of Education Acceptable Use Policy for Using the Hillsborough Township Public Schools Network 2361/Page 1 f 6 Hillsbrugh Bard f Educatin Acceptable Use Plicy fr Using the Hillsbrugh Twnship Public Schls Netwrk It is the gal f the HTPS (Hillsbrugh Twnship Public Schls) Netwrk t prmte educatinal

More information

COPIES-F.Y.I., INC. Policies and Procedures Data Security Policy

COPIES-F.Y.I., INC. Policies and Procedures Data Security Policy COPIES-F.Y.I., INC. Plicies and Prcedures Data Security Plicy Page 2 f 7 Preamble Mst f Cpies FYI, Incrprated financial, administrative, research, and clinical systems are accessible thrugh the campus

More information

2.1 All SHR Users are responsible for the security of SHR systems/applications, resources and information.

2.1 All SHR Users are responsible for the security of SHR systems/applications, resources and information. POLICY Number: 7311-25-004 Title: Saskatn Health Regin User Accunt Plicy Authrizatin [ ] President and CEO [X] Vice President, Finance and Crprate Services Surce: Directr, Infrmatin Technlgy Services Crss

More information

The user authentication process varies from client to client depending on internal resource capabilities, and client processes and procedures.

The user authentication process varies from client to client depending on internal resource capabilities, and client processes and procedures. Learn Basic Single Sign-On Authenticatin Tale s Basic SSO applicatin grants Learn access t users withut requiring that they enter authenticatin lgin credentials (username and passwrd). The access pint

More information

Systems Support - Extended

Systems Support - Extended 1 General Overview This is a Service Level Agreement ( SLA ) between and the Enterprise Windws Services t dcument: The technlgy services the Enterprise Windws Services prvides t the custmer. The targets

More information

Personal Data Security Breach Management Policy

Personal Data Security Breach Management Policy Persnal Data Security Breach Management Plicy 1.0 Purpse The Data Prtectin Acts 1988 and 2003 impse bligatins n data cntrllers in Western Care Assciatin t prcess persnal data entrusted t them in a manner

More information

POLICY 1390 Information Technology Continuity of Business Planning Issued: June 4, 2009 Revised: June 12, 2014

POLICY 1390 Information Technology Continuity of Business Planning Issued: June 4, 2009 Revised: June 12, 2014 State f Michigan POLICY 1390 Infrmatin Technlgy Cntinuity f Business Planning Issued: June 4, 2009 Revised: June 12, 2014 SUBJECT: APPLICATION: PURPOSE: CONTACT AGENCY: Plicy fr Infrmatin Technlgy (IT)

More information

GUIDANCE FOR BUSINESS ASSOCIATES

GUIDANCE FOR BUSINESS ASSOCIATES GUIDANCE FOR BUSINESS ASSOCIATES This Guidance fr Business Assciates dcument is intended t verview UPMCs expectatins, as well as t prvide additinal resurces and infrmatin, t UPMC s HIPAA business assciates.

More information

RUTGERS POLICY. Responsible Executive: Vice President for Information Technology and Chief Information Officer

RUTGERS POLICY. Responsible Executive: Vice President for Information Technology and Chief Information Officer RUTGERS POLICY Sectin: 70.1.1 Sectin Title: Infrmatin Technlgy Plicy Name: Acceptable Use Plicy fr Infrmatin Technlgy Resurces Frmerly Bk: N/A Apprval Authrity: Senir Vice President fr Administratin Respnsible

More information

edoc Lite Recruitment Guidelines

edoc Lite Recruitment Guidelines edc Lite Recruitment Guidelines Intrductin OneStart & the Academic Psitin Search Channel edc Lite Ruting and Wrkgrups Ruting Actin List Ruting Cntrls Wrkgrups Dcument Search edc Lite Dcuments Vacancy Ntice

More information

Woodstock Multimedia, INC. Software/Hardware Usage Policy

Woodstock Multimedia, INC. Software/Hardware Usage Policy Wdstck Multimedia, INC. Sftware/Hardware Usage Plicy POLICY PURPOSE The purpse f the Wdstck Multimedia, INC. Sftware / Hardware Usage Plicy is t ensure that Wdstck Multimedia, INC. emplyees are prperly

More information

Immaculate Conception School, Prince George Bring Your Own Device Policy for Students

Immaculate Conception School, Prince George Bring Your Own Device Policy for Students Bring Yur Own Device Plicy fr Students Purpse This plicy utlines the acceptable use f electrnic devices t maintain a safe and secure educatin envirnment with the gal f preparing students fr the future,

More information

DisplayNote Technologies Limited Data Protection Policy July 2014

DisplayNote Technologies Limited Data Protection Policy July 2014 DisplayNte Technlgies Limited Data Prtectin Plicy July 2014 1. Intrductin This dcument sets ut the bligatins f DisplayNte Technlgies Limited ( the Cmpany ) with regard t data prtectin and the rights f

More information

Data Protection Policy & Procedure

Data Protection Policy & Procedure Data Prtectin Plicy & Prcedure Page 1 Prcnnect Marketing Data Prtectin Plicy V1.2 Data prtectin plicy Cntext and verview Key details Plicy prepared by: Adam Haycck Apprved by bard / management n: 01/01/2015

More information

To clarify terms used within these policies, the following definitions are provided:

To clarify terms used within these policies, the following definitions are provided: Baker University Email Plicy E-mail services are prvided t the Baker cmmunity in supprt f the educatinal missin f the University and the administrative functins t carry ut that missin. Users f Baker e-mail

More information

Version: Modified By: Date: Approved By: Date: 1.0 Michael Hawkins October 29, 2013 Dan Bowden November 2013

Version: Modified By: Date: Approved By: Date: 1.0 Michael Hawkins October 29, 2013 Dan Bowden November 2013 Versin: Mdified By: Date: Apprved By: Date: 1.0 Michael Hawkins Octber 29, 2013 Dan Bwden Nvember 2013 Rule 4-004J Payment Card Industry (PCI) Patch Management (prpsed) 01.1 Purpse The purpse f the Patch

More information

SPECIFICATION. Hospital Report Manager Connectivity Requirements. Electronic Medical Records DRAFT. OntarioMD Inc. Date: September 30, 2010

SPECIFICATION. Hospital Report Manager Connectivity Requirements. Electronic Medical Records DRAFT. OntarioMD Inc. Date: September 30, 2010 OntariMD Inc. Electrnic Medical Recrds SPECIFICATION Hspital Reprt Manager Cnnectivity Requirements DRAFT Date: September 30, 2010 Versin: 1.0 2007-2010 OntariMD Inc. All rights reserved HRM EMR Cnnectivity

More information

THIRD PARTY PROCUREMENT PROCEDURES

THIRD PARTY PROCUREMENT PROCEDURES ADDENDUM #1 THIRD PARTY PROCUREMENT PROCEDURES NORTH CENTRAL TEXAS COUNCIL OF GOVERNMENTS TRANSPORTATION DEPARTMENT JUNE 2011 OVERVIEW These prcedures establish standards and guidelines fr the Nrth Central

More information

Information Services Hosting Arrangements

Information Services Hosting Arrangements Infrmatin Services Hsting Arrangements Purpse The purpse f this service is t prvide secure, supprted, and reasnably accessible cmputing envirnments fr departments at DePaul that are in need f server-based

More information

Supersedes: DPS Policy 10.09 - Internet and Use Of The DPSnet, July 14, 2000 Effective: February 15, 2005 Pages: 1 of 5

Supersedes: DPS Policy 10.09 - Internet and Use Of The DPSnet, July 14, 2000 Effective: February 15, 2005 Pages: 1 of 5 Plicy: 13.01 SUBJECT: INTERNET USAGE Supersedes: DPS Plicy 10.09 - Internet and Use Of The DPSnet, July 14, 2000 Effective: February 15, 2005 Pages: 1 f 5 1.0 POLICY PURPOSE Detrit Public Schls (DPS) Internet

More information

Wire Transfer Request

Wire Transfer Request Wire Transfer Request Requirements and Instructins OFFICE OF DISBURSEMENTS Categry: Dcument Name: Payment Prcessing Wire Transfer Request - Requirements and Instructins Respnsible Department: Office f

More information

Unified Infrastructure/Organization Computer System/Software Use Policy

Unified Infrastructure/Organization Computer System/Software Use Policy Unified Infrastructure/Organizatin Cmputer System/Sftware Use Plicy 1. Statement f Respnsibility All emplyees are charged with the security and integrity f the cmputer system. Emplyees are asked t help

More information

IMPLEMENTATION DETAILS

IMPLEMENTATION DETAILS Plicy: Title: Status: 1. Intrductin ISP-I10 Payment Card Security Apprved Infrmatin Security Plicy Dcumentatin IMPLEMENTATION DETAILS 1.1. This dcument supprts implementatin f the "Payment Card Industry

More information

GETTING STARTED With the Control Panel Table of Contents

GETTING STARTED With the Control Panel Table of Contents With the Cntrl Panel Table f Cntents Cntrl Panel Desktp... 2 Left Menu... 3 Infrmatin... 3 Plan Change... 3 Dmains... 3 Statistics... 4 Ttal Traffic... 4 Disk Quta... 4 Quick Access Desktp... 4 MAIN...

More information

Cloud Services MDM. Windows 8 User Guide

Cloud Services MDM. Windows 8 User Guide Clud Services MDM Windws 8 User Guide 10/24/2014 CONTENTS Overview... 2 Supprted Devices... 2 System Capabilities... 2 Enrllment and Activatin... 3 Prcess Overview... 3 Verify Prerequisites... 3 Dwnlad

More information

Version Date Comments / Changes 1.0 January 2015 Initial Policy Released

Version Date Comments / Changes 1.0 January 2015 Initial Policy Released Page 1 f 6 Vice President, Infrmatics and Transfrmatin Supprt APPROVED (S) REVISED / REVIEWED SUMMARY Versin Date Cmments / Changes 1.0 Initial Plicy Released INTENT / PURPOSE The Infrmatin and Data Gvernance

More information

Change Management Process For [Project Name]

Change Management Process For [Project Name] Management Prcess Fr [Prject Name] i 1 Intrductin The is fllwed during the Executin phase f the Prject Management Life Cycle, nce the prject has been frmally defined and planned. 1.1 What is a Management

More information

Texas Woman's University University Policy Manual

Texas Woman's University University Policy Manual Texas Wman's University University Plicy Manual Plicy Name: Plicy Number: 6.06 Date Passed: July 2004 Health Insurance Prtability& Accuntability Act (HIPAA) Date Reviewed: September 2008 Next Review: September

More information

ADMINISTRATION AND FINANCE POLICIES AND PROCEDURES TABLE OF CONTENTS

ADMINISTRATION AND FINANCE POLICIES AND PROCEDURES TABLE OF CONTENTS CONTROL Revisin Date: 1/21/03 TABLE OF CONTENTS 10.01 OVERVIEW OF ACCOUNTING FOR INVESTMENT IN PLANT... 2 10.01.1 CURRENT POLICY... 2 10.02 INVENTORY MAINTENANCE AND CONTROL... 3 10.02.1 PROCEDURES FOR

More information

New York Institute of Technology Faculty and Staff Email Retention Policy

New York Institute of Technology Faculty and Staff Email Retention Policy New Yrk Institute f Technlgy Faculty and Staff Email Retentin Plicy Nvember 2013 I. PURPOSE As electrnic mail (email) has becme the primary frm f cmmunicatin at NYIT and thrughut the wrld, the vlume f

More information

TrustED Briefing Series:

TrustED Briefing Series: TrustED Briefing Series: Since 2001, TrustCC has prvided IT audits and security assessments t hundreds f financial institutins thrugh ut the United States. Our TrustED Briefing Series are white papers

More information

Service Level Agreement Distributed Hosting and Distributed Database Hosting

Service Level Agreement Distributed Hosting and Distributed Database Hosting Office f Infrmatin Technlgy Services Service Level Agreement Distributed Hsting and Distributed Database Hsting Nvember 12, 2013 Service Descriptin Distributed Hsting and Distributed Database Hsting Service

More information

Access EEC s Web Applications... 2 View Messages from EEC... 3 Sign In as a Returning User... 3

Access EEC s Web Applications... 2 View Messages from EEC... 3 Sign In as a Returning User... 3 EEC Single Sign In (SSI) Applicatin The EEC Single Sign In (SSI) Single Sign In (SSI) is the secure, nline applicatin that cntrls access t all f the Department f Early Educatin and Care (EEC) web applicatins.

More information

Environmental, Health & Safety Management System (EMS) Documents and Records Management Procedure

Environmental, Health & Safety Management System (EMS) Documents and Records Management Procedure Envirnmental, Health & Safety Management System (EMS) Dcument N.: 01005 Revisin N.: 10 Dcuments and Recrds Management Prcedure Revised: 03/06/2015 Reviewed: 01/26/2015 Prepared By: Liske, Kurt Apprved

More information

Electronic and Information Resources Accessibility Compliance Plan

Electronic and Information Resources Accessibility Compliance Plan Electrnic and Infrmatin Resurces Accessibility Cmpliance Plan Intrductin The University f Nrth Texas at Dallas (UNTD) is cmmitted t prviding a wrk envirnment that affrds equal access and pprtunity t therwise

More information

Internet and E-Mail Policy User s Guide

Internet and E-Mail Policy User s Guide Internet and E-Mail Plicy User s Guide Versin 2.2 supprting partnership in mental health Internet and E-Mail Plicy User s Guide Ver. 2.2-1/5 Intrductin Health and Scial Care requires a great deal f cmmunicatin

More information

Grants Online. Quick Reference Guide Grant Recipients

Grants Online. Quick Reference Guide Grant Recipients Abut Grants Online: Grants Online perates in a web envirnment. Internet Explrer is the preferred brwser fr PC users, but Ggle Chrme als wrks well; FireFx is the preferred brwser fr MAC users. N sftware

More information

FAFSA / DREAM ACT COMPLETION PROGRAM AGREEMENT

FAFSA / DREAM ACT COMPLETION PROGRAM AGREEMENT FAFSA / DREAM ACT COMPLETION PROGRAM AGREEMENT If using US Pstal Service, please return t: Califrnia Student Aid Cmmissin Prgram Administratin & Services Divisin ATTN: Institutinal Supprt P.O. Bx 419028

More information

Information Technology Services Logical Access Procedure. Prepared by: Jefferson Wells. Desk Procedure - Logical Access Final Draft Last Modified:

Information Technology Services Logical Access Procedure. Prepared by: Jefferson Wells. Desk Procedure - Logical Access Final Draft Last Modified: Infrmatin Technlgy Services Lgical Access Prcedure Prepared by: Jeffersn Wells Desk Prcedure - Lgical Access Final Draft Last Mdified: Saint Luis University Lgical Access Prcedure Table f Cntents I. Intrductin.

More information

Hillsborough Board of Education Acceptable Use Policy for Using the Hillsborough Township Public Schools Network

Hillsborough Board of Education Acceptable Use Policy for Using the Hillsborough Township Public Schools Network 2361/Page 1 f 8 Hillsbrugh Bard f Educatin Acceptable Use Plicy fr Using the Hillsbrugh Twnship Public Schls Netwrk The Bard f Educatin recgnizes as new technlgies shift the manner in which infrmatin is

More information

EA-POL-015 Enterprise Architecture - Encryption Policy

EA-POL-015 Enterprise Architecture - Encryption Policy Technlgy & Infrmatin Services EA-POL-015 Enterprise ure - Encryptin Plicy Authr: Craig Duglas Date: 17 March 2015 Dcument Security Level: PUBLIC Dcument Versin: 1.0 Dcument Ref: EA-POL-015 Dcument Link:

More information

RSA SecurID Software Token Security Best Practices Guide. Version 3

RSA SecurID Software Token Security Best Practices Guide. Version 3 RSA SecurID Sftware Tken Security Best Practices Guide Versin 3 Cntact Infrmatin G t the RSA crprate web site fr reginal Custmer Supprt telephne and fax numbers: www.rsa.cm. Trademarks RSA, the RSA Lg

More information

Issuing of qualifications and statement of attainment Policy and Procedures Version: 3.0 Last Modified: 1 March 2015

Issuing of qualifications and statement of attainment Policy and Procedures Version: 3.0 Last Modified: 1 March 2015 Issuing f qualificatins and statement f attainment Plicy and Prcedures Versin: 3.0 Last Mdified: 1 March 2015 Purpse ANC issues AQF certificatin dcumentatin nly t a learner whm it has assessed as meeting

More information

Symantec User Authentication Service Level Agreement

Symantec User Authentication Service Level Agreement Symantec User Authenticatin Service Level Agreement Overview and Scpe This Symantec User Authenticatin service level agreement ( SLA ) applies t Symantec User Authenticatin prducts/services, such as Managed

More information

HIPAA HITECH ACT Compliance, Review and Training Services

HIPAA HITECH ACT Compliance, Review and Training Services Cmpliance, Review and Training Services Risk Assessment and Risk Mitigatin: The first and mst imprtant step is t undertake a hlistic risk assessment that examines the risks and cntrls related t fur critical

More information

ABELMed Platform Setup Conventions

ABELMed Platform Setup Conventions ABELMed Platfrm Setup Cnventins 1 Intrductin 1.1 Purpse f this dcument The purpse f this dcument is t prvide prspective ABELMed licensees and their hardware vendrs with the infrmatin that they will require

More information

HIPAA Compliance 101. Important Terms. Pittsburgh Computer Solutions 724-942-1337

HIPAA Compliance 101. Important Terms. Pittsburgh Computer Solutions 724-942-1337 HIPAA Cmpliance 101 Imprtant Terms Cvered Entities (CAs) The HIPAA Privacy Rule refers t three specific grups as cvered entities, including health plans, healthcare clearinghuses, and health care prviders

More information

Accessible Service Policy

Accessible Service Policy Accessible Service Plicy Date Created Revisin Oct. 16, 2012 1 Gal This plicy is intended t meet the requirements f the Accessibility Standards fr Custmer Service, Ontari Regulatin 429/07 under the Accessibility

More information

IMT Standards. Standard number A000014. GoA IMT Standards. Effective Date: 2010-09-30 Scheduled Review: 2011-03-30 Last Reviewed: Type: Technical

IMT Standards. Standard number A000014. GoA IMT Standards. Effective Date: 2010-09-30 Scheduled Review: 2011-03-30 Last Reviewed: Type: Technical IMT Standards IMT Standards Oversight Cmmittee Gvernment f Alberta Effective Date: 2010-09-30 Scheduled Review: 2011-03-30 Last Reviewed: Type: Technical Standard number A000014 Electrnic Signature Metadata

More information

TITLE: RECORDS AND INFORMATION MANAGEMENT POLICY

TITLE: RECORDS AND INFORMATION MANAGEMENT POLICY TITLE: RECORDS AND INFORMATION MANAGEMENT POLICY REFERENCE NUMBER: 14/103368 RESPONSIBLE DEPARTMENT: Crprate Services APPLICABLE LEGISLATION: State Recrds Act 1997 Lcal Gvernment Act 1999 Crpratins Act

More information

Information & Communications Technology ICT Security Compliance Guide (Student)

Information & Communications Technology ICT Security Compliance Guide (Student) Infrmatin & Cmmunicatins Technlgy ICT Security Cmpliance Guide (Student) RESTRICTED Dcument ID: ICT-SSG Versin 1.1 Effective Date 1 Nv 2011 Dcument Cntrl Revisin Histry Versin Date Descriptin Authr 1.0

More information

Merchant Processes and Procedures

Merchant Processes and Procedures Merchant Prcesses and Prcedures Table f Cntents EXHIBIT C 1. MERCHANT INTRODUCTION TO T-CHEK 3 1.1 Wh is T-Chek Systems? 3 1.2 Hw t Cntact T-Chek Systems 3 1.3 Hw t Recgnize T-Chek Frms f Payment 3 1.3.1

More information

iphone Mobile Application Guide Version 2.2.2

iphone Mobile Application Guide Version 2.2.2 iphne Mbile Applicatin Guide Versin 2.2.2 March 26, 2014 Fr the latest update, please visit ur website: www.frte.net/mbile Frte Payment Systems, Inc. 500 West Bethany, Suite 200 Allen, Texas 75013 (800)

More information

SaaS Listing CA Cloud Service Management

SaaS Listing CA Cloud Service Management SaaS Listing CA Clud Service Management 1. Intrductin This dcument prvides standards and features that apply t the CA Clud Service Management (CSM) SaaS ffering prvided t the Custmer and defines the parameters

More information

Issuing of qualifications and statement of attainment Policy and Procedures Version: 5.0 Last Modified: 12 February 2015

Issuing of qualifications and statement of attainment Policy and Procedures Version: 5.0 Last Modified: 12 February 2015 Issuing f qualificatins and statement f attainment Plicy and Prcedures Versin: 5.0 Last Mdified: 12 February 2015 Purpse Duke Cllege issues AQF certificatin dcumentatin nly t a learner whm it has assessed

More information

CHANGE MANAGEMENT STANDARD

CHANGE MANAGEMENT STANDARD The electrnic versin is current, r when printed and stamped with the green cntrlled dcument stamp. All ther cpies are uncntrlled. DOCUMENT INFORMATION Descriptin Dcument Owner This standard utlines the

More information

Grants Online. Quick Reference Guide - Grantees

Grants Online. Quick Reference Guide - Grantees Abut Grants Online: Grants Online perates in a web envirnment. Internet Explrer is the preferred brwser fr PC users; FireFx is the preferred brwser fr MAC users. N sftware is required fr installatin. Lgins

More information

SKILLS CANADA - ONTARIO

SKILLS CANADA - ONTARIO Emplyment Plicy and Prcedure Manual Sectin: Cmmunicatin SPP N: 4.06 Subject: AODA Custmer Service Issued: January 31, 2016 Issue t: All Manual Hlders Replaces: NA Issued by: Re-Evaluatin Date: NA Executive

More information

BLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS

BLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS BLUE RIDGE COMMUNITY AND TECHNICAL COLLEGE BOARD OF GOVERNORS SERIES: 1 General Rules RULE: 17.1 Recrd Retentin Scpe: The purpse f this rule is t establish the systematic review, retentin and destructin

More information

Improved Data Center Power Consumption and Streamlining Management in Windows Server 2008 R2 with SP1

Improved Data Center Power Consumption and Streamlining Management in Windows Server 2008 R2 with SP1 Imprved Data Center Pwer Cnsumptin and Streamlining Management in Windws Server 2008 R2 with SP1 Disclaimer The infrmatin cntained in this dcument represents the current view f Micrsft Crpratin n the issues

More information

American Recovery and Reinvestment Act Reporting Policy

American Recovery and Reinvestment Act Reporting Policy American Recvery and Reinvestment Act Reprting Plicy Updated May 2010 1 I. Backgrund On February 17, 2009, President Barack Obama signed the American Recvery and Reinvestment Act f 2009 (ARRA) int law.

More information

Enterprise IT Migration Overview & FAQ

Enterprise IT Migration Overview & FAQ Enterprise IT Migratin Overview & FAQ The fllwing cmmunicatin is targeted t AgriLife emplyees lcated in Extensin and Research centers thrughut the state. This cmmunicatin shuld be distributed t everyne

More information

MaaS360 Cloud Extender

MaaS360 Cloud Extender MaaS360 Clud Extender Installatin Guide Cpyright 2012 Fiberlink Cmmunicatins Crpratin. All rights reserved. Infrmatin in this dcument is subject t change withut ntice. The sftware described in this dcument

More information

Configuring BMC AREA LDAP Using AD domain credentials for the BMC Windows User Tool

Configuring BMC AREA LDAP Using AD domain credentials for the BMC Windows User Tool Cnfiguring BMC AREA LDAP Using AD dmain credentials fr the BMC Windws User Tl Versin 1.0 Cnfiguring the BMC AREA LDAP Plugin fr Dmain Username and Passwrds Intrductin...3 LDAP Basics...4 What is LDAP and

More information

Internet Banking Agreement and Disclosure Statement

Internet Banking Agreement and Disclosure Statement Internet Banking Agreement and Disclsure Statement This agreement cntains the terms and cnditins that gvern accessing r using Internet Banking (NetTeller), Bill Payment Services, Mbile Banking and On Demand

More information

INTRODUCTION TO PORTAL GROUP STUDIO

INTRODUCTION TO PORTAL GROUP STUDIO Mntana State University Luminis Prtal Prject INTRODUCTION TO PORTAL GROUP STUDIO Grup Studi With the Grup Studi sftware, yu can request the creatin f nline grups fr clubs, affiliatins, r interests and

More information

POLICY INTERNET - ACCEPTABLE USE

POLICY INTERNET - ACCEPTABLE USE POLICY Dc. Cde: IS I5 INTERNET - ACCEPTABLE USE Applicable t: MidCentral DHB Including MidCentral Health & Enable NZ Issued by: Infrmatin Systems Cntact: Manager Service Delivery 1. PURPOSE This plicy

More information

ES PROCEDURES FOR OVERPAYMENT RECOVERY

ES PROCEDURES FOR OVERPAYMENT RECOVERY ES PROCEDURES FOR OVERPAYMENT RECOVERY Effective: 7/1/2012 Respnsible Office: Emplyee Services (ES) Apprved: ES Directr Applicatin: All Emplyees f the University f Clrad Plicy The University f Clrad will

More information

FAYETTEVILLE STATE UNIVERSITY

FAYETTEVILLE STATE UNIVERSITY FAYETTEVILLE STATE UNIVERSITY IDENTITY THEFT PREVENTION (RED FLAGS RULE) Authrity: Categry: Issued by the Fayetteville State University Bard f Trustees. University-Wide Applies t: Administratrs Faculty

More information

Request for Resume (RFR) CATS II Master Contract. All Master Contract Provisions Apply

Request for Resume (RFR) CATS II Master Contract. All Master Contract Provisions Apply Sectin 1 General Infrmatin RFR Number: (Reference BPO Number) Functinal Area (Enter One Only) F50B3400026 7 Infrmatin System Security Labr Categry A single supprt resurce may be engaged fr a perid nt t

More information

Juniper Networks Product End-of-Life

Juniper Networks Product End-of-Life Juniper Netwrks Prduct End-f-Life Plicy & Prcedure ( EOL Plicy ) Frm time t time, Juniper Netwrks may find it necessary t discntinue prducts and services fr a number f reasns, including technlgy innvatins

More information

THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM

THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM THE CITY UNIVERSITY OF NEW YORK IDENTITY THEFT PREVENTION PROGRAM 1. Prgram Adptin The City University f New Yrk (the "University") develped this Identity Theft Preventin Prgram (the "Prgram") pursuant

More information

Vantiv eprotect iframe Technical Assessment Paper Prepared for:

Vantiv eprotect iframe Technical Assessment Paper Prepared for: Vantiv eprtect iframe Technical Assessment Paper Prepared fr: Octber 13, 2015 P a g e 2 Cntents EXECUTIVE SUMMARY...3 OVERVIEW... 3 ABOUT VANTIV EPROTECT... 4 OPERATIONAL FLOW... 5 TECHNICAL ASSESSMENT...6

More information

ROSS RepliWeb Operations Suite for SharePoint. SSL User Guide

ROSS RepliWeb Operations Suite for SharePoint. SSL User Guide ROSS RepliWeb Operatins Suite fr SharePint SSL User Guide Sftware Versin 2.5 March 18, 2010 RepliWeb, Inc., 6441 Lyns Rad, Ccnut Creek, FL 33073 Tel: (954) 946-2274, Fax: (954) 337-6424 E-mail: inf@repliweb.cm,

More information

PCI Compliance Merchant User Guide

PCI Compliance Merchant User Guide PCI Cmpliance Merchant User Guide Table f Cntents Intrductin... 5 PCI Prgram Overview... 5 PCI10 2.0 Applicatin Tl Overview... 6 Lgin Prcess... 6 Update My Prfile... 7 Frgt Yur Passwrd... 8 Welcme Pages...

More information

Agency Fund (Non-Student Org X-Fund) Guidelines Last Revision: 12/7/2009

Agency Fund (Non-Student Org X-Fund) Guidelines Last Revision: 12/7/2009 Agency Fund (Nn-Student Org X-Fund) Guidelines Last Revisin: 12/7/2009 Definitin f Agency Fund: An Agency Fund cnsists f funds held by Eastern Michigan University as custdian r fiscal agent fr thers, such

More information

LINCOLNSHIRE POLICE Policy Document

LINCOLNSHIRE POLICE Policy Document LINCOLNSHIRE POLICE Plicy Dcument 1. POLICY IDENTIFICATION PAGE POLICY TITLE: ICT CHANGE & RELEASE MANAGEMENT POLICY POLICY REFERENCE NO: PD 186 POLICY OWNERSHIP: ACPO Cmmissining Officer: Prtfli / Business-area

More information

Introduction LIVE MAPS UNITY PORTAL / INSTALLATION GUIDE. 2015 Savision B.V. savision.com All rights reserved.

Introduction LIVE MAPS UNITY PORTAL / INSTALLATION GUIDE. 2015 Savision B.V. savision.com All rights reserved. Rev 7.5.0 Intrductin 2 LIVE MAPS UNITY PORTAL / INSTALLATION GUIDE 2015 Savisin B.V. savisin.cm All rights reserved. This manual, as well as the sftware described in it, is furnished under license and

More information

FORM ADV (Paper Version) UNIFORM APPLICATION FOR INVESTMENT ADVISER REGISTRATION AND REPORT FORM BY EXEMPT REPORTING ADVISERS

FORM ADV (Paper Version) UNIFORM APPLICATION FOR INVESTMENT ADVISER REGISTRATION AND REPORT FORM BY EXEMPT REPORTING ADVISERS APPENDIX A FORM ADV (Paper Versin) UNIFORM APPLICATION FOR INVESTMENT ADVISER REGISTRATION AND REPORT FORM BY EXEMPT REPORTING ADVISERS Frm ADV: General Instructins Read these instructins carefully befre

More information

Database Services - Extended

Database Services - Extended 1 General Overview This is a Service Level Agreement ( SLA ) between and Database Services t dcument: The technlgy services Database Services prvides t the custmer. The targets fr respnse times, service

More information

IMPLEMENTATION DETAILS

IMPLEMENTATION DETAILS Plicy: Title: Status: 1. Intrductin ISP-I10 Payment Card Security Apprved Infrmatin Security Plicy Dcumentatin IMPLEMENTATION DETAILS 1.1. This dcument supprts implementatin f the "Payment Card Industry

More information

Licensing the Core Client Access License (CAL) Suite and Enterprise CAL Suite

Licensing the Core Client Access License (CAL) Suite and Enterprise CAL Suite Vlume Licensing brief Licensing the Cre Client Access License (CAL) Suite and Enterprise CAL Suite Table f Cntents This brief applies t all Micrsft Vlume Licensing prgrams. Summary... 1 What s New in This

More information

In addition to assisting with the disaster planning process, it is hoped this document will also::

In addition to assisting with the disaster planning process, it is hoped this document will also:: First Step f a Disaster Recver Analysis: Knwing What Yu Have and Hw t Get t it Ntes abut using this dcument: This free tl is ffered as a guide and starting pint. It is des nt cver all pssible business

More information

PENNSYLVANIA SURPLUS LINES ASSOCIATION Electronic Filing System (EFS) Frequently Asked Questions and Answers

PENNSYLVANIA SURPLUS LINES ASSOCIATION Electronic Filing System (EFS) Frequently Asked Questions and Answers PENNSYLVANIA SURPLUS LINES ASSOCIATION Electrnic Filing System (EFS) Frequently Asked Questins and Answers 1 What changed in Release 2.0?...2 2 Why was my accunt disabled?...3 3 Hw d I inactivate an accunt?...4

More information

.100 POLICY STATEMENT

.100 POLICY STATEMENT Treasury Management Operatins Sectin: Treasury Management Number: 105.100 Title: Treasury Management Operatins POLICY Index.100 POLICY STATEMENT.110 POLICY RATIONALE.120 AUTHORITY.130 APPROVAL AND EFFECTIVE

More information

Remote Working (Policy & Procedure)

Remote Working (Policy & Procedure) Remte Wrking (Plicy & Prcedure) Publicatin Scheme Y/N Department f Origin Plicy Hlder Authrs Can be published n Frce Website Prfessinal Standards Department (PSD) Ch Supt Head f PSD IT Security Officer

More information

AUDIT AND RISK COMMITTEE TERMS OF REFERENCE

AUDIT AND RISK COMMITTEE TERMS OF REFERENCE AUDIT AND RISK COMMITTEE TERMS OF REFERENCE 1. TITLE OF COMMITTEE Audit and Risk Cmmittee 2. ESTABLISHMENT The Audit and Risk Cmmittee is established under Part 3 Sectin 19(1) f the Charles Darwin University

More information

CSAT Account Management

CSAT Account Management CSAT Accunt Management User Guide March 2011 Versin 2.1 U.S. Department f Hmeland Security 1 CSAT Accunt Management User Guide Table f Cntents 1. Overview... 1 1.1 CSAT User Rles... 1 1.2 When t Update

More information

Online Banking Agreement

Online Banking Agreement Online Banking Agreement 1. General This Online Banking Agreement, which may be amended frm time t time by us (this "Agreement"), fr accessing yur Clrad Federal Savings Bank accunt(s) via the Internet

More information

Privacy Policy. The Central Equity Group understands how highly people value the protection of their privacy.

Privacy Policy. The Central Equity Group understands how highly people value the protection of their privacy. Privacy Plicy The Central Equity Grup understands hw highly peple value the prtectin f their privacy. Fr that reasn, the Central Equity Grup takes particular care in dealing with any persnal and sensitive

More information

Loss Share Data Specifications Change Management Plan

Loss Share Data Specifications Change Management Plan Lss Share Data Specificatins Change Management Plan Last Updated: 2/27/2013 Table f Cntents I. Purpse... 3 II. Change Management Apprach... 3 III. Categries f Revisins... 4 IV. Help and Supprt... 6 Lss

More information

Colorado Rapids Youth Soccer Club Social Media and Electronic Communication Policies

Colorado Rapids Youth Soccer Club Social Media and Electronic Communication Policies Clrad Rapids Yuth Sccer Club Scial Media and Electrnic Cmmunicatin Plicies OVERVIEW Online, scial media and ther electrnic cmmunicatin tls such as text messaging have becme a prevalent and effective means

More information

Session 9 : Information Security and Risk

Session 9 : Information Security and Risk INFORMATION STRATEGY Sessin 9 : Infrmatin Security and Risk Tharaka Tennekn B.Sc (Hns) Cmputing, MBA (PIM - USJ) POST GRADUATE DIPLOMA IN BUSINESS AND FINANCE 2014 Infrmatin Management Framewrk 2 Infrmatin

More information