Policies and Guidelines
To ensure that any file/date modifying activity occurring on a University of Houston corporate computer system is traceable to the individual initiating it.Scope
All shareable corporate computer systems under the control of the University of Houston.Standard
A procedure will be in place for all computer systems to ensure that an individual uniquely identify himself/herself before gaining access to any computing resources.Guidelines
- Automated identification processes should involve providing the system with both a user identification and a confidential password.
- All actions, either on-line or batch should be fully auditable to an individual.
- This policy applies to activities by users and programmers.
- Procedures are actively enforced to ensure that user I.D.s and passwords are removed from the system whenever that person is transferred to another position or leaves the organization.
- Sign-on software does not allow one user to be signed on to more than one terminal. Exceptions may be allowed upon written permission of Support Services and the employee's manager.
- If a decentralized administration approach is used, the ISO has the ongoing responsibility to ensure that these users actively comply with University of Houston policies and procedures regarding user I.D. administration.