Skip to content
Policy Acceptance Template
  • Pages
    • Welcome!
    • Live Policies
      • Acceptable Use Policy
      • icon picker
        Access Control Policy
      • Asset Management Policy
      • Backup Policy
      • Business Continuity and Disaster Recovery Policy
      • Change Management Policy
      • Code of Conduct
      • Data Classification and Handling Policy
      • Data Protection Policy
      • Data Retention and Deletion Policy
      • Encryption & Key Management Policy
      • Exception and Enforcement Policy
      • Incident Response Policy
      • Information Security Policy
      • Internal Security Audit Policy
      • Network Security Policy
      • Password Policy
      • Physical Security Policy
      • Responsible Disclosure Policy
      • Risk Management Policy
      • Secure Development Policy
      • Vendor Management Policy
      • Vulnerability Management & Patch Policy
      • Wireless Communication Policy
    • Admin
      • Policy Compliance
      • Acceptance Log
      • Live Policies Admin View
      • Policy Changelog
      • Template Policy
Policy Acceptance Template
/
/
Access Control Policy
Share
Explore

Access Control Policy

Overview

The purpose of this Access Control Policy is to ensure the confidentiality, integrity, and availability of company resources by limiting access to authorized personnel and preventing unauthorized access, modification, or destruction of information.

Scope

This policy applies to all employees, contractors, and third-party vendors who have access to company resources, including but not limited to computer systems, networks, software, and data.

Policy

Access to company resources will be granted based on the principle of least privilege, which means that each employee will only have the minimum access necessary to perform their job duties.
Access to company resources will be granted based on a need-to-know basis, which means that employees will only have access to information that is required to perform their job duties.
Passwords will be used to protect access to company resources, and employees will be required to create strong passwords that are not easily guessable.
Multi-factor authentication will be used for all remote access to company resources.
Access to company resources will be monitored and logged to detect and prevent unauthorized access or misuse.
Employees are required to report any suspected security incidents or violations of this Access Control Policy to the appropriate personnel immediately.
Regular reviews of access permissions will be conducted to ensure that they are still necessary and appropriate.

Enforcement

Any employee found to have violated this Access Control Policy may be subject to disciplinary action, up to and including termination of employment. Contractors and third-party vendors who violate this policy may have their access revoked and may be subject to legal action.

Revision History

Date of Change
Policy
Notes
7/7/2023
Minor formatting
1/31/2022
Policy Created
No results from filter

Accept

Access Control Policy 1.1
By clicking this button I acknowledge that I have read the above policy and agree to comply with the policy
No results from filter


Revision and acceptance filter:
DO NOT CHANGE



Overview
Scope
Policy
Enforcement
Revision History
Accept
Gallery
 
Want to print your doc?
This is not the way.
Try clicking the ··· in the right corner or using a keyboard shortcut (
CtrlP
) instead.