Formulating a Security Policy › Primary Elements of a Security Policy › All Users

All Users

There are general responsibilities that can be assigned to all users regardless of functional area. This principle is based on the premise that it is the obligation of all users to protect corporate data processing assets. Consider assigning the following responsibilities to the general user community:

• To keep all accounts used to access data processing resources and facilities confidential.
• To revise the password to these accounts at regular intervals.
• To notify the appropriate areas if abuse of an account is suspected.
• To actively support all security procedures.