Skip Ribbon Commands
Skip to main content
An Official Pennsylvania Government Website
Translate
Begin Main Content Area

Content Editor

L&I, Office of Information Technology Procedure

(PDF)

Name: Account Revocation
Effective Date: June 2017
Category: Security
Version: 1.1

1. Scope:

This procedure applies to all Department of Labor & Industry (L&I) employees and business partners (hereinafter referred to collectively as “L&I Users”).

2. Procedure:

The procedure is implemented by the L&I Office of Information Technology Access Management AM team.

  1. Procedure to Restrict Access


    2. Step Responsibility Action
    1. L&I Bureau of Human Resources Contact agency CISO with user name/ID and date/time for account lock to take place
    2. Agency CISO Contact AM team with account lock details
    3. AM team Take the following actions in the AD:
    • Manually changes user password
    • Unchecks “User must change password at next logon”
    • Removes Logon hours
    • Restricts logon to one hostname
    4. AM team Respond to CISO with completion


  2. Procedure for Account Revocation (RACF)


    3. Step Responsibility Action
    1. L&I User 5 Incorrect logon attempts.
    OR
    90 days of inactivity
    2. RACF automations Revoke user account

3. References

L&I Policy Definitions Document

SEC-013 - Access Management

4. Version Control

Version Date Purpose
1.1 10/2016 Base Document
1.2 06/2017 Format and content changes