Policies and Guidelines - University of Houston
Skip to main content

Policies and Guidelines

Controlling Access to Information

Last Updated: December 12, 2008
Reviewed: January 8, 2010


To ensure confidentiality, integrity, and availability of their information resources, a department must have a strategy for controlling access to information through owner identification and user authentication.


Departmental management and technology staff.

Process Overview

  1. Identify and establish data owners.
  2. Identify the user groups who need access to the data controlled by each data owner.
  3. Data owners identify the privileges to be granted to each group of users.
  4. Each computer user is required to have a unique logon ID and strong password.
  5. Each computer user acquires access to information through assignment to one or more user groups.