 |
Information Technology Policies and Standards |
Title
| User ID Security Policy Exceptions |
Type
| Procedure |
Related Policy | User ID Security Policy |
Category
| Security |
Status | Approved |
Approved | 10/07/2004 |
To Be Reviewed | 12/04/2008 |
Scope
| Departments needing to establish shared User IDs that can be used by multiple individuals must request special exception to the User ID Security Policy. |
Procedure | Departments requesting an exception must submit a written request with Department Director approval to the Technical Review Committee (TRC) to include the following information:
- department / division
- point of contact name and phone number
- description of system/environment
- justification for exception
- existing security controls that would ensure compliance with all City security policies
This request will be placed on the TRC agenda and a Department representative must attend the TRC meeting to justify the exception.
If the exception request is denied, the Department has the option to ask the TRC to have the request placed on the next Information Services Committee (ISC) agenda. A Department representative must attend the ISC meeting to justify the exception. The decision of the ISC shall be final.
If the exception is approved, it shall be published in a standard. |
Rationale | Special conditions may exist that merit the use of shared User IDs, requiring an exception to the User ID Security Policy.
|
|
|
|
| Contact: Lee Stark, (505) 768-2978 |