Security Administrator and Authorized Users Clause Samples
The 'Security Administrator and Authorized Users' clause defines who is responsible for managing system security and identifies which individuals are permitted to access protected resources. Typically, this clause designates a specific person or role as the security administrator, who oversees user permissions, monitors access, and ensures compliance with security protocols. It also outlines the process for authorizing users, such as requiring approval or specific credentials before granting access. The core function of this clause is to establish clear accountability and control over sensitive information, thereby reducing the risk of unauthorized access and enhancing overall system security.
Security Administrator and Authorized Users. Grantee shall:
1. designate a Security Administrator and a back-up Security Administrator. The Security Administrator is required to implement and maintain a system for management of user accounts/user roles to ensure that all the CMBHS user accounts are current.
2. have a security policy that ensures adequate system security and protection of confidential information.
3. notify the CMBHS Help-desk within ten (10) business days of any change to the designated Security Administrator or the back-up Security Administrator. Grantee will:
i. ensure that access to CMBHS is restricted to only currently authorized users.
ii. within 24 hours, remove access to users who are no longer authorized to have access to secure data in CMBHS.
iii. maintain the CMBHS Authorized Users List which includes former and current Grantee’s employees, contracted labor, subcontractors or any other users authorized to have access to secure data in CMBHS. The CMBHS Authorized Users List shall document whose authority has been added and terminated; and the date the authority was added and terminated.
4. submit the CMBHS Security Attestation Form and the CMBHS Authorized Users List as stated in Attachment A, to the following e-mail address: ▇▇▇▇▇▇▇▇▇▇▇▇▇▇.▇▇▇▇▇▇▇▇▇@▇▇▇▇.▇▇▇▇▇.▇▇.
Security Administrator and Authorized Users. Grantee shall:
i. Designate a Security Administrator and a back-up Security Administrator. The Security Administrator is required to implement and maintain a system for management of user accounts/user roles to ensure that all the CMBHS System user accounts are current.
ii. Have a security policy that ensures adequate system security and protection of confidential information.
iii. Notify the CMBHS Help Desk within ten (10) business days of any change to the designated Security Administrator or the back-up Security Administrator. Grantee will:
a. Ensure that access to CMBHS System is restricted to only currently authorized users.
b. Within 24 hours, remove access to users who are no longer authorized to have access to secure data in CMBHS System.
c. Maintain the CMBHS Authorized Users List which includes former and r any other users authorized to have access to secure data in CMBHS System. The CMBHS Authorized Users List shall document whose authority has been added and terminated, and the date the authority was added and terminated.
iv. Submit the CMBHS Security Attestation Form and the CMBHS Authorized Users List as stated in Attachment A, to the following e-mail address: ▇▇▇.▇▇▇▇▇▇▇▇▇@▇▇▇.▇▇▇▇▇.▇▇▇.
v. Continually maintain the current CMBHS Authorized Users List on file and make available to System Agency upon request within five (5) business days.
vi. Immediately block access to CMBHS System of any person who should no longer have access to CMBHS System, due to severance of employment with Grantee or otherwise:
a. I System; and
b. Update records on a daily basis to reflect any changes in account status.
Security Administrator and Authorized Users. Grantee shall: ATTACHMENT E (REVISED AUGUST 2021)
1. Designate a Security Administrator and a back-up Security Administrator. The Security Administrator is required to implement and maintain a system for management of user accounts/user roles to ensure that all the CMBHS user accounts are current.
2. Have a security policy that ensures adequate system security and protection of confidential information.
Security Administrator and Authorized Users. Grantee shall: