Begin Main Content Area

L&I, Office of Information Technology Procedure


Name: Account Revocation
Effective Date: June 2017
Category: Security
Version: 1.1

1. Scope:

This procedure applies to all Department of Labor & Industry (L&I) employees and business partners (hereinafter referred to collectively as “L&I Users”).

2. Procedure:

The procedure is implemented by the L&I Office of Information Technology Access Management AM team.

  1. Procedure to Restrict Access

  2. Step Responsibility Action
    1. L&I Bureau of Human Resources Contact agency CISO with user name/ID and date/time for account lock to take place
    2. Agency CISO Contact AM team with account lock details
    3. AM team Take the following actions in the AD:
    • Manually changes user password
    • Unchecks “User must change password at next logon”
    • Removes Logon hours
    • Restricts logon to one hostname
    4. AM team Respond to CISO with completion

  3. Procedure for Account Revocation (RACF)

  4. Step Responsibility Action
    1. L&I User 5 Incorrect logon attempts.
    90 days of inactivity
    2. RACF automations Revoke user account

3. References

L&I Policy Definitions Document

SEC-013 - Access Management

4. Version Control

Version Date Purpose
1.1 10/2016 Base Document
1.2 06/2017 Format and content changes