WDLT Employee Handbook

DATA PROTECTION

User Access Audits/Reviews:

Assigned team members will complete regular audits of user access to our systems

and information. All or some users’ access will be revoked if it is determined it is no

longer needed or not required to meet job requirements.

Since system owners/managers are most familiar with team members’ specific job

responsibilities, they must also periodically review who has access to information

and/or systems and determine if access is still warranted. If access is no longer

needed or should be modified, a user access request must be submitted through our

company process within 24 business hours after it is determined the access is no

longer needed.

Non-Usage Review:

In addition to auditing user access, reviews of the last time an employee has logged

into a system or accessed information are completed to determine if continued

access is needed.

Users that have not accessed a system or information within 60 days will have their

access either removed or modified as needed. System owners/managers will be

informed as needed before access is impacted.

Employees on Leave/User Access:

If an employee is on leave for any reason, their system access must be suspended

when they are placed on leave. This includes access to company email as well as

company devices including computers, mobile devices, etc.

Access should remain off until the employee is returned to an active status if they

are returning to the same role and same responsibilities. If they are returning to a

different role or job responsibilities, a new/modified user access request should be

submitted through our company process.

When warranted and for specific business reasons, an executive leader (CEO or his

designee’s) can approve for user access to remain on while an employee is on-leave.

Requests of this nature for an executive leader (CEO or his designee’s) review are

handled through our Human Resource Department.

Made with Publuu - flipbook maker