Governance

GOV060

System users protect systems by following policies and procedures

Developing and maintaining a security culture helps system users comply with security policies and procedures. System users need to be aware of the risks to any system they use and understand the part they play in reducing those risks.

Your responsibilities as a system user

As a system user, whatever your level of access, you must:

  • comply with the security policies and procedures for the system
  • ensure your account authenticators are strong enough to protect the system (for example, passwords and other login details)
  • not share authenticators for accounts without approval
  • take responsibility for all actions under your account
  • only use your access to perform authorised tasks and functions.

When you want to bypass a policy or procedure

Security policies and procedures aim to cover all situations that may arise within an organisation. However, sometimes you may have a legitimate reason for wanting to bypass a policy or procedure. If this is the case, you must seek and get formal approval from your CISO or ITSM before you act.

Page last modified: 4/05/2022