Action 15.
Regular Board of Supervisors Meeting
Board of Supervisors
- Meeting Date:
- 05/24/2022
- Title:
- Revised IT Policy 1801 IT Access Control
- Submitted By:
- Sharon Gilman, Board of Supervisors
- Department:
- Board of Supervisors
Presentation:
No A/V Presentation
Recommendation:
Approve
Document Signatures:
BOS Signature NOT Required
# of ORIGINALS
Submitted for Signature:
Submitted for Signature:
0
NAME
of PRESENTER:
of PRESENTER:
Joe Casey
TITLE
of PRESENTER:
of PRESENTER:
Chief Information Officer
Docket Number (If applicable):
Mandated Function?:
Local Mandate or Policy
Source of Mandate
or Basis for Support?:
or Basis for Support?:
11-251
Information
Agenda Item Text:
Approve the revisions to Policy 1801, Information Technology Access Control, as provided in the attachments, effective July 1, 2022.
Background:
The Board of Supervisors has made efficient administrative practices and fiscal responsibility priorities under the Strategic Plan. As part of this effort, IT is making industry-recommended revisions in order to provide greater transparency on system access.
Policy 1801: Information Technology Access Control: Revisions under Section II add the requirement for County IT to send an automatic notification to departments whenever IT accesses files or folders with restricted data. The Section also gives authority to the County Administrator to audit electronic files and folder access to ensure compliance with this requirement.
All county staff were provided an opportunity to review the policy and provide feedback prior to presentation to the Board. No significant concerns were expressed.
Policy 1801: Information Technology Access Control: Revisions under Section II add the requirement for County IT to send an automatic notification to departments whenever IT accesses files or folders with restricted data. The Section also gives authority to the County Administrator to audit electronic files and folder access to ensure compliance with this requirement.
All county staff were provided an opportunity to review the policy and provide feedback prior to presentation to the Board. No significant concerns were expressed.
Department's Next Steps (if approved):
Set procedures for automatic notifications as described.
Impact of NOT Approving/Alternatives:
Policies will not meet industry best practices and lack transparency to departments.
To BOS Staff: Document Disposition/Follow-Up:
None.