Authorization Control. Entco will grant access authorizations on a "need-to-know" and "need-to-do" basis (lowest possible rights). Examples include access authorizations for task-related authorization schemes, user profiles, and functional roles. An access authorization will be sought on the basis of the role scheme and approved by the relevant supervisor. Additional control instances will be integrated into the approval process. For technical access security, Entco will use recognized security systems such as RACF, Active Directory, etc. Existing user accounts will be checked periodically and deleted or changed in the event that a user's tasks change. The responsibility for user accounts must be clearly assigned; representations are defined allowed in the current policies.
Appears in 3 contracts
Sources: Saas Agreement, Software as a Service Agreement, Software as a Service Agreement