The purpose of this Policy is to establish the rules for the requesting, reviewing, approving, maintaining and terminating user accounts. User access controls are put in place to protect information by controlling who has the rights to use different information resources and by guarding against unauthorized use. Formal procedures must control how access to information is granted and how such access is changed.
This policy applies to all users of Stamford’s information assets to include all divisions, departments, business units, vendors, consultants, subcontractors, staff, faculty or students regardless of geographic location. This policy covers all information assets operated by Stamford or those contracted with third parties by Stamford. The term “information asset” defines electronic and non-electronic assets and includes, but it is not limited to all documentation, business processes, data, products, hardware (e.g. desktop, network devices), and software.