||Create Policy on Removal of Access Privileges: Service Providers, Network Operators, and Equipment Suppliers should have policies on changes to and removal of access privileges upon staff members status changes such as terminations, exits, transfers, and those related to discipline or marginal performance.
||Service Provider; Network Operator
||Cyber Security;Intrusion Detection;Network Operations;
||Octave Catalog of Practices, Version 2.0,CMU/SEI-2001-TR-20 (http://www.cert.org/archive/pdf/01tr020.pdf) Practice OP1.3.1-OP1.3.2, OP3.2.1-OP3.3 and OP3.1.1-Op3.1.3; NIST Special Pub 800-26; OMB Circular A-130 Appendix III. US Government and National Security Telecommunications Advisory Committee (NSTAC) Network Security Information Exchange (NSIE). Administration of Static Passwords and User Ids. Operations, Administration, Maintenance, & Provisioning (OAM&P) Security Requirements for Public Telecommunications Network. Draft 2.0, August 2002.