L&I, Office of Information Technology Procedure
(PDF)
Name: |
Account Revocation |
Effective Date: |
June 2017 |
Category: |
Security |
Version: |
1.1 |
1. Scope:
This procedure applies to all Department of Labor & Industry (L&I) employees and business partners (hereinafter referred to collectively as “L&I Users”).
2. Procedure:
The procedure is implemented by the L&I Office of Information Technology Access Management AM team.
- Procedure to Restrict Access
Step |
Responsibility |
Action |
1. |
L&I Bureau of Human Resources |
Contact agency CISO with user name/ID and date/time for account lock to take place
|
2. |
Agency CISO |
Contact AM team with account lock details |
3. |
AM team |
Take the following actions in the AD:
-
Manually changes user password
-
Unchecks “User must change password at next logon”
-
Removes Logon hours
-
Restricts logon to one hostname
|
4. |
AM team |
Respond to CISO with completion
|
- Procedure for Account Revocation (RACF)
Step |
Responsibility |
Action |
1. |
L&I User |
5 Incorrect logon attempts.
OR
90 days of inactivity
|
2. |
RACF automations |
Revoke user account |
3. References
L&I Policy Definitions Document
SEC-013 - Access Management
4. Version Control
Version |
Date |
Purpose |
1.1 |
10/2016 |
Base Document |
1.2 |
06/2017 |
Format and content changes |