Information Technology Policy: Role-Based User Management
Subscriber Content
Procedures for Managing IT User Roles
This policy ensures that there are additional controls in place to detect errors and safeguard company computers and networks against inadvertent exposure to external threats. It applies to all application and process designers, all managers who assign process responsibilities, and all system operators with privileges extending beyond a restricted user.
In this sample, all IT users are to be assigned a standard set of system privileges based on a template defined by IT technical support, and any additional privileges needed by a user must be requested by the user’s manager and approved by IT technical support.