Policy 7230A - Department of Administration
Policy 7230A - Department of Administration
Policy 7230A - Department of Administration
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
11.2.2. Hire Employees in a Structured Fashion<br />
Upon initial hire, employee identity should be verified and accounts created<br />
with appropriate access rights and permissions:<br />
11.2.2.a Account and Permissions Provisioning and Review<br />
• Account permission provisioning should be performed by one<br />
dedicated set <strong>of</strong> administrators.<br />
• Account and permission review should be performed by a<br />
second set <strong>of</strong> dedicated administrators.<br />
11.2.3. Transfer Employees in a Structured Fashion<br />
Employees that change positions within the agency should be screened<br />
according to their new position and have system account access and<br />
permissions reviewed:<br />
11.2.3.a Account and Permissions Revocation and Review<br />
• Review access to revoked accounts should be provided for no<br />
more than thirty days.<br />
• Data transfer orders should be provided in writing and should<br />
specify:<br />
o The data to be transferred.<br />
o The location to be transferred from.<br />
o The location to be transferred to.<br />
o The reason for the data transfer.<br />
• Permanent deletion orders should be provided in writing.<br />
11.2.3.b Account and Permissions Provisioning and Review<br />
See section 11.2.2.a <strong>of</strong> these Non-Mandatory Baselines.<br />
11.2.4. Terminate Employees in a Structured Fashion<br />
Employee termination should include the recovery <strong>of</strong> all issued materials and<br />
the closing <strong>of</strong> all established accounts:<br />
11.2.4.a Account and Permissions Revocation and Review<br />
See section 11.2.3.a <strong>of</strong> these Non-Mandatory Baselines.<br />
11.3. Maintain Records<br />
Agencies should capture documentation appropriate to personnel security processes:<br />
• Maintain copies <strong>of</strong> all submission and screening documents for applicants that<br />
are hired for future reference.<br />
• Maintain copies <strong>of</strong> all completed access agreements.<br />
• Maintain copies <strong>of</strong> all provisioned system access accounts and associated<br />
permission.<br />
• Maintain records <strong>of</strong> all issued agency owned materials.<br />
• Maintain copies <strong>of</strong> all exit interview documents.<br />
35