Document Control
Organization
[Council Name]
Title
[Document Title]
Author
[Document Author – Named Person]
Filename
[Saved Filename]
Owner
[Document Owner – Job Role]
Subject
[Document Subject – e.g. IT Policy]
Protective Marking
[Marking Classification]
Review date
Revision History
Revision Date
Revisor
Previous Version
Description of Revision
Document Approvals
This document requires the following approvals:
Sponsor Approval
Name
Date
Document Distribution
This document will be distributed to:
Name
Job Title
Email Address
Contributors
Development of this policy was assisted through information provided by the following organisations:
Devon County Council
Sefton Metropolitan Borough Council
Dudley Metropolitan Borough Council
Staffordshire Connects
Herefordshire County Council
West Midlands Local Government Association
Plymouth City Council
Worcestershire County Council
Sandwell Metropolitan Borough Council
Contents
1 Policy Statement 4
2 Purpose 4
3 Scope 4
4 Definition 4
5 Risks 4
6 Applying the Policy - Passwords 5
6.1 Choosing Passwords 5
6.1.1 Weak and strong passwords 5
6.2 Protecting Passwords 5
6.3 Changing Passwords 5
6.4 System Administration Standards 6
7 Applying the Policy – Employee Access 6
7.1 User Access Management 6
7.2 User Registration 6
7.3 User Responsibilities 6
7.4 Network Access Control 7
7.5 User Authentication for External Connections 7
7.6 Supplier’s Remote Access to the Council Network 7
7.7 Operating System Access Control 7
7.8 Application and Information Access 8
8 Policy Compliance 8
9 Policy Governance 8
10 Review and Revision 9
11 References 9
12 Key Messages 9
13 Appendix 1 10
1 Policy Statement
[Council Name] will establish specific requirements for protecting...