DPAS SCR: 01798
- SCR Number
01798
- Title
DPAS Account lock ability for Annual User Audit
- DPAS Module
Enterprise
- Reporting Organization
Leidos
- State
New
- History
Submitted: 18 August 2022
- Description
Description:For accounts that are suspended due to non-compliance of the Annual User Audit, we do not have a way to lock these accounts from being reset until is appropriate. When user accounts are suspended (active box unchecked) because the IO group has not provided a response for the Annual User Audit, there is nothing preventing Help Desk support from being able to reset the account unknowingly. I am proposing a lock feature or new status ability be given to assist Security Officers with audit compliance. The Help Desk should retain their currently ability to reset accounts; however, we also need a method that allows for Sec Officers to lock particular accounts that can only be unlocked by a Sec Officer.Recommended:Provide ability to lock certain user accts from being reset until IO completes Annual User Audit. Potentially a new status or lock feature that only Security officers could update those particular accounts back to active status when appropriate.Mission Critical:This functionality supports audit readiness.Benefits:The solution supports audit readiness and user review compliance so that users do not get access to their account before they should.Users:This change would impact internal support staff.