Typically, system administrators
at the top of organizational and governmental agencies ascertain which
individuals or systems will be given access to information. The access control
policy outlines the controls placed on both physical access to the computer
system (that is, having locked access to where the system is stored) and to the
software in order to limit access to computer
networks and data. Access control
policies provide details on controlling access to information and systems, with
these topics typically covered at some length: the management of a number of
key issues, including access control standards, user access, network access
controls, operating system software
controls, passwords, and higher-risk system access; giving access to
files and documents and controlling remote user access; monitoring how the
system is accessed and used; securing workstations left unattended and securing
against unauthorized physical
access; and restricting access.
See Also:
Administrator; Computer; Network; Operating System Software; Password; Physical
Exposure; Risk; Superuser or Administrative Privileges.
RUSecure. RUSecure Information Security Policies. [Online, 2004.] RUSecure
Interactive Security Policies Website.
http://www.yourwindow.to/security-policies/
sosindex.htm.