Access Control and Account Management Policy Overview
Introduction
This policy promotes good practice to ensure appropriate access to information systems and subsequent sensitive data is managed and documented. The policy contains essential information regarding both staff and student user accounts, the creation and use of shared and visitor accounts on the University network, with respect to access to University IT systems, circumstances when accounts may be disabled, and refers the user to the Regulations for the use of IT Facilities and Learning Resources document.
Key Points
- Access rights to information systems must be controlled,
- When staff change roles, their managers must ensure that their access to individual systems and data is updated to reflect their new role,
- Individual user accounts are created for sole usage,
- When a shared account is required for operational purpose, its usage must be traceable back to individuals,
- University IT systems misuse and abuse will be investigated using the University Problem Resolution Framework (Link for SHU staff only).
The Policy Document
The complete policy can be found here.
Guidance
Further guidance is currently under development.
For SHU staff the IS&T Intranet Help pages contain further guidance on
- Forms notifying IS&T of starters, leavers, and changes in role. (SHU staff only)
