Documente Academic
Documente Profesional
Documente Cultură
ACTIFI, INC.
Purpose
Audience
The Physical Access Policy applies to all individuals that are responsible for
the installation and support of Information Resources, individuals charged
with Information Resources Security, and data owners.
Definitions
Physical Access
Policy
The doors to the companys office are also kept locked during nonbusiness hours. Keys to outside locks will be issued to ActiFi
employees and contractors with a need for access by the companys HR
department or CFO.
The computer room will be locked at all times. The company CFO will
determine who has access to the room and who has keys to it. At the
present time the CFO, the Director of IT and the accounting supervisor
are the only ones with access to the room. A motion detector/video
recorder system is in place which records a video of anyone who has
entered the computer room. The director of IT is responsible for
reviewing the video of anyone who has entered the room. If some one
enters the computer room a text message is sent to the Director of IT.
All current HR, Insurance and payroll records are kept locked in file
cabinets located in the CFOs and accounting supervisors office or
cubicle. Current accounts payable files and certain other less critical
files kept in the desk of the staff accountant. Such desk is required to be
locked when not in use. Accounts payable files from recent years are
required to be kept locked in a file cabinet in the hallway of the ActiFi
office.
Lost or stolen access cards and/or keys must be reported to the CFO or
Accounting Supervisor.
Cards and/or keys must not have identifying information other than a
return mail address.
All personnel are responsible for managing their use of IR and are
accountable for their actions relating to IR security. Personnel are also
equally responsible for reporting any suspected or confirmed violations
of this policy to the appropriate management.
Access to, change to, and use of IR must be strictly secured. Information
access authority for each user must be reviewed on a regular basis, as
well as each job status change such as: a transfer, promotion, demotion,
or termination of service.
The fixed asset ledger of the company must have a classification for
each individual asset as to the security level of such asset.
All company files for those employees and independent contractors who
work in the ActiFi offices in Plymouth are required to keep ActiFi and
client related files on ActiFis network drives. If employees and
independent contractors are working outside the office, they may keep
files on the hard-drives of their lap-top computers, but are required to
download files to the companys network drives on a periodic basis.
Employees and contractors who live out of state may keep files on the
hard-drives of their lap-top computer, but are required to back up their
computers and these files to the on-line secure storage facilities
network drives. The Director of IT will back up the contents of these
drives at least weekly.