Administrative and Privileged Access Policy
Jim.Dillon at cusys.edu
Wed Mar 19 17:12:25 GMT 2003
One of our campuses has recently finalized a new AUP which defines not only end user rights and responsibilities, but also defines some expectations for "privileged access."
We would like to develop some standards and guidelines for administrative/privileged access to publish or have administrators acknowledge as part of their work agreement. If any of you has such an agreement (rights and responsibilities of system administrators/privileged access) or standards guideline we'd appreciate a copy or a pointer to it if it is online. The goal is to be comprehensive and ensure we don't overlook anything useful or innovative someone else has already developed. Feel free to send responses directly to me at the email address in the sig block below.
Thanks and best regards,
Jim Dillon, CISA
IT Audit Manager
University of Colorado
jim.dillon at cusys.edu
Dept. Phone: 303-492-9730
More information about the unisog