Access control procedures are essential for Ken7 Windows limited organization for protecting the sensitive information from being accessed by unauthorized user and limiting access to the user role permissions granted. This procedure guide is to be adhered by the personnel to implement the necessary access control changes.
Status or setting prior to any change: To view the current settings or status, the user open the start menu and right click on the computer and select the option manage. Computer management will open up where the personnel can view the current status of the system and can modify changes as per the requirement.
Reason for change: There could be multiple reasons for change which include- new user requiring access to the network folders, due to change in the user role the user may be needed to be added to a certain group to access the sensitive information. Changes to the access controls could also be done due to user no longer working on the specific task and needs to be withdrawn from the certain group to limit access to the path/network/file/folders.
Change to implement: To implement the changes, the personnel is required to determine the potential security impacts preceding to the change implementation. The change of implementation also includes understanding the security controls to be implemented within the system and how the changes make affect various access controls to the users. These changes to be implemented are to be signed off by the change control team and indicate if they have the adequate measures to safeguard the sensitive information. These changes can be implemented through the administrative tools where the personnel can add the user to the particular group of individuals having the required access controls.
Scope of the change: The scope are defined by the rights and role of the group.The scope of the change for a security group intended could be for a particular domain, for a computer or various domains. The personnel needs to change the scope by logging out as from the administrative role and testing the access by logging in as a user and ensuring the access controls granted as per the need. Ensuring the user is rightfully added to the security group and can view the required objects/ networks as per the designated user role.
Impact of the change: The impact of change should not affect any other user accounts or security groups. It only extends to the user being provided access or being denied access to the particular domain of access controls.
Status or setting after the change: After providing the user the desired access controls the personnel is required to check the status of the user account similarly to checking it prior to making the changes to review if the changes made are reflected on the users account.
Process to evaluate the change- The personnel through the admin role needs to recheck all the changes modified are reflected correctly and check through the user account too if the implemented changes are produced as expected.