Security and Privacy Controls for Federal Information Systems Essay

Security and Privacy Controls for Federal Information Systems - Essay Example Implementation of Access control Internal Revenue Service (IRS) developed a documented access control policy that addressed the purpose, roles, responsibilities, management commitment, coordination among organizational entities, and compliance with all rules and regulations. We also developed and documented procedures to facilitate the implementation of the access control policy and associated access controls including risk management. These procedures and rules will be reviewed and updated at a specified period of time. Account management is a control within the Access control family. It is denoted by identifier AC-2: This control enables the organization to manage information systems accounts including identifying account types, establishing conditions or membership, identifying authorized users of the information system and specifying user privileges. The organization manages information system accounts, including: Identifying account types (examples: individual, group, system, application, guest and temporary); Establishing conditions for group membership; Identifying authorized users of the information system and specifying access privileges; Requiring appropriate approvals for requests to establish accounts; Establishing, activating, modifying, disabling, and removing accounts;