Accounts and user management policy

Account creation

New user accounts must only be created after approval of the Technical Director.

Submit a ticket to the helpdesk to request a new account for a device or service.

On-boarding new users

Pre/post-day 1 steps are currently on the Intranet

Account deletion

Off-boarding leaving users

Pre/post-last day steps are currently on the Intranet

Shared user accounts

User accounts must not be shared.

Occasionally an account may be created with group email addresses with explicit approval; request authorisation via the Helpdesk. This will only be approved in cases where the service cannot support multiple users and there is a specific reason for not using an individual user's account.

Administrative / super user accounts

Administrative access to services is only assigned if needed and with approval from MD or Technical Director. New administrative rights are requested by submitting a request to the Helpdesk.

Super user / break-glass accounts must not be used for any activity that doesn't require their privilege level.

Separate scoped rights accounts will be used where possible to allow administration of devices and services. These accounts must not be used for anything else.