Records Access Security Plan (Expanded)

1. Get Proposal Kit Professional that includes this business document.

We include this Records Access Security Plan (Expanded) in an editable format that you can customize for your needs.

2. Download and install after ordering.

Once you have ordered and downloaded your Proposal Kit Professional, you will have all the content you need to get started with your project management.

3. Customize the project template with your information.

You can customize the project document as much as you need. You can also use the included Wizard software to automate name/address data merging.

How to write my Records Access Security Plan (Expanded) document

Access Security Plan

Security and Access Control is of the utmost importance to Company Name. We have identified the following needs for security in the context of the Records Management program. Use this template to discuss areas in which security is needed. These might include concerns about personal security of an organization's personnel, clients, or visitors; security of physical facilities from vandalism or theft; or data security, which often includes transmission and storage issues of both printed and computerized records.

To fill in the categories below, state a general category (such as " Security of Front Office Staff" or " Data Security" ) and then describe the need for that type of security.

Security Groups

Security Groups can be classified as roles for user groups or as content groups for access rights. User access rights can be defined as View Only, Content Manager, Power User, and Administrator. These groups can also be organized based on groups of users or content items.

Content based Security Groups may also be classified as Confidential, Public, or Departmental. Need: Describe the need for this type of security. Include any past incidents to make your case.

Risks: Insert your ideas of what might happen if security is not improved. Requests/Recommendations: Insert any ideas you have about how to meet this security need.

Security Accounts

Accounts can be created for the access to content repositories within the security group hierarchy. Accounts can be set up based on business units or for cross departmental tasks or specific projects. Need: Describe the need for this type of security. Include any past incidents to make your case.

Risks: Insert your ideas of what might happen if security is not improved. Requests/Recommendations: Insert any ideas you have about how to meet this security need.

Document Level Security

Document level security is often stored at a metadata level of the record and should be limited to a single security group. Need: Describe the need for this type of security. Include any past incidents to make your case. Risks: Insert your ideas of what might happen if security is not improved.

Requests/Recommendations: Insert any ideas you have about how to meet this security need. The Records Management program will require varied levels of access controls to allow different users and groups access to different portions of the content or to allow different privileges of access, such as contributions, edits, annotations, and deletions. Types of access include: View Only, Contributor, Super User, Administrator, and so on.

Document Level Access Category

Permissions for the level of access to a document is often set at the Security Group under the Public, Departmental or Confidential access rights. For example, if the user had view only access to the public group, and View Only access to HR document the user would be able to read HR content that is open to the public such as I9 forms and no access to employee files. Content Type: List applications or records categories.

Groups: List groups or communities that have access to the content. Description: Describe the access level and security role, and activities that can be performed. Security Level: Define the level of access.

User Access Category

Users are granted access to different kinds of documents or account level access. Content Type: List applications or records categories. Groups: List groups or communities that have access to the content. Description: Describe the access level and security role, and activities that can be performed.

Security Level: Define the level of access.

Service Level Access Category

Service level access is used for system level access and impersonation accounts for system integrations. Service accounts often have specific rights and access to content stores across the Enterprise. Content Type: List applications or records categories.

Groups: List groups or communities that have access to the content. Description: Describe the access level and security role, and activities that can be performed. Security Level: Define the level of access.

The Records Management program will require the following security measures to be implemented and maintained.

Security Access Account Management

The Security Plan outline above will work well with LDAP and Active Directory to grant access and maintain permissions. Responsible Party: Who is responsible? Description of security access model, areas impacted, vulnerability assessment. Specify how compliance is met and maintained in an action plan and how security measures will be adopted.

Security Access Scalability

The Security Plan as outline above will make it easy to manage large user communities and expand throughout the enterprise. Responsible Party: Who is responsible? Description of security access model, areas impacted, vulnerability assessment. Specify how compliance is met and maintained in an action plan and how security measures will be adopted.

Security Access Maintenance

User access and management is the responsibility of Department or IT Administrator and deployed using the following methods. Responsible Party: Who is responsible? Description of security access model, areas impacted, vulnerability assessment. Specify how compliance is met and maintained in an action plan and how security measures will be adopted.