Difference between revisions of "Internal:Technology access policy amendment"

From Wikimedia District of Columbia
Jump to navigation Jump to search
(Edits)
(ce.)
Line 3: Line 3:
 
The [[Technology Access Policy]] is amended:
 
The [[Technology Access Policy]] is amended:
 
: (a) By replacing Article II, Paragraph 4 with the following:
 
: (a) By replacing Article II, Paragraph 4 with the following:
:: 4. <u>Continued Access</u>. No later than thirty (30) days after an individual who has been assigned a Corporation Email Address ceases to meet the criteria for access defined in Paragraph 3 of this Article, the President shall evaluate the individual's anticipated involvement in the Corporation's future activities and determine whether continued access to a Corporation Email Address should be granted. If such access is granted, it will be retained indefinitely, subject to the continued approval of the President.
+
:: 4. <u>Continued Access</u>. No later than thirty (30) days after an individual who has been assigned a Corporation Email Address ceases to meet the criteria for access defined in Paragraph 3 of this Article, the President shall evaluate the individual's anticipated involvement in the Corporation's future activities and determine whether continued access to a Corporation Email Address should be granted. If such access is granted, it will be retained indefinitely unless revoked by the President.
 
: (b) By replacing Article III, Paragraph 3 with the following:
 
: (b) By replacing Article III, Paragraph 3 with the following:
 
:: 3. <u>Access</u>. Individuals shall only be granted access to a Sensitive PII Tool on a need-to-know basis and with the approval of the President. Shared accounts shall be prohibited.
 
:: 3. <u>Access</u>. Individuals shall only be granted access to a Sensitive PII Tool on a need-to-know basis and with the approval of the President. Shared accounts shall be prohibited.

Revision as of 19:27, 21 February 2016

Status: Under Review

The Technology Access Policy is amended:

(a) By replacing Article II, Paragraph 4 with the following:
4. Continued Access. No later than thirty (30) days after an individual who has been assigned a Corporation Email Address ceases to meet the criteria for access defined in Paragraph 3 of this Article, the President shall evaluate the individual's anticipated involvement in the Corporation's future activities and determine whether continued access to a Corporation Email Address should be granted. If such access is granted, it will be retained indefinitely unless revoked by the President.
(b) By replacing Article III, Paragraph 3 with the following:
3. Access. Individuals shall only be granted access to a Sensitive PII Tool on a need-to-know basis and with the approval of the President. Shared accounts shall be prohibited.
(c) By striking Article III, Paragraph 4.
(d) By inserting the following as Article V – Termination of Access:
1. Application. Any person who has been granted access to an information technology resource pursuant to this Policy, and who ceases to meet the criteria for such access as defined in this Policy, shall have such access terminated as described in this Article.
2. Termination of Email Access. The Secretary shall terminate, or cause to be terminated, access to any Corporation Email Address.
3. Termination of Sensitive PII Tool Access. The President shall terminate, or cause to be terminated, access to any Sensitive PII Tool.
4. Termination of Server Access. The President shall terminate, or cause to be terminated, access to any Corporation Server.