Personnel Security Policy for 18F
Review of ongoing operational need for current logical and physical access by individuals are initiated and facilitated by supervisor/CO/COR. Retrieval of all information system-related property which includes HDPS-12 cards, authentication tokens (USB for privileged access), laptops, etc. is a common control provided by IO. cloud.gov revokes privileged access if an individual is reassigned or transferred outside of the team.
cloud.gov initiates the revoking process within the same day of an individual being transferred outside of the team.
cloud.gov modifies permissions granted to individuals to correspond any changes in the individual requirements.
18F notifies cloud.gov operators within 5 days of a formal transfer action.