Account Management | AC-2

Description

  • Each user of MCC-owned information resources must be assigned a uniquely identifiable account.
  • An approval process is required before granting access authorization for an information resource. The approval process must:
    • positively establish the identity of a user and determine the appropriate user role(s) before access is granted; and
    • document the account holder’s acknowledgement that they have read and agree to the Acceptable Use Policy (AUP) and to their responsibilities as a user of ISS information resources.
  • Before an account is enabled:
    • the account holder’s supervisor or sponsor must approve the account by signing the Request for System Access form; and
    • the new user must sign the Request for System Access and Acceptable Use

Types of Information System Accounts

  • MCC Employee Users
    • These accounts are disabled upon termination of employment or other circumstances deemed appropriate by the supervisor, human resources, the Chief Information Technology Officer (CITO), or their designee. See control PS-4.
  • Sponsored Guest Users
    • These accounts are provisioned by the Infrastructure Team once approved by the sponsor's program manager/department head and the form for third parties is signed.
    • These accounts are valid for the expected length of time until project completion and are automatically disabled on the scheduled expiration date. The account sponsor can renew the account by submitting an updated form for third parties.
    • These accounts are disabled upon termination of employment or other circumstances deemed appropriate by the supervisor, human resources, the CITO or their designee. See control PS-4.
  • Administrator Users
    • These accounts are requested by the user, their supervisor, department head, or higher authority.
    • These accounts are approved by the user's program manager/department head and the Chief Information & Technology Officer's designee for the information resource after review of the request's scope and justification.
  • Local Administrator Accounts
    • Local administrator accounts must be approved by the Information Resource Owner and the Chief Information & Technology Officer's designee for the information resource.
  • Service Accounts
    • These accounts are requested by the owner/custodian for the information resource where the account will be implemented and approved by the Chief Information & Technology Officer's designee after review of the request's scope and justification.

Last updated: 3/11/2024

Contact Hours


Questions?