Password and Access Policy for Accounts
I am doing a review of our policies for passwords and access to accounting software. I wonder if some of you might share your school's policies.
1. Do you force a password change every (say) 6 months?
2. Does someone other than the Head of IT have the uber password? The Head/Director/Bursar?
3. For coders/developers, what sort of access and password policies exist? For example, do those writing programs to query accounts info have full access?
4. Do you have any policy documents you might consider sharing?
Thanks so much,