Your browser has JavaScript turned off.
You must turn it on to proceed.

NORS -- CSRIC Best Practices Result

CSRIC Best Practices Result

Detailed Information for the Best Practice: 9-8-8098

Number 9-8-8098
Priority Critical
Description Create Policy on Removal of Access Privileges: Service Providers, Network Operators, and Equipment Suppliers should have policies on changes to and removal of access privileges upon staff members status changes such as terminations, exits, transfers, and those related to discipline or marginal performance.
Network Type(s) Internet/Data
Industry Role(s) Service Provider; Network Operator
Keyword(s) Cyber Security;Intrusion Detection;Network Operations;
Reference/Comments Octave Catalog of Practices, Version 2.0,CMU/SEI-2001-TR-20 ( Practice OP1.3.1-OP1.3.2, OP3.2.1-OP3.3 and OP3.1.1-Op3.1.3; NIST Special Pub 800-26; OMB Circular A-130 Appendix III. US Government and National Security Telecommunications Advisory Committee (NSTAC) Network Security Information Exchange (NSIE). “Administration of Static Passwords and User Ids”. Operations, Administration, Maintenance, & Provisioning (OAM&P) Security Requirements for Public Telecommunications Network. Draft 2.0, August 2002.