{"id":108,"date":"2025-02-03T15:45:58","date_gmt":"2025-02-03T20:45:58","guid":{"rendered":"https:\/\/boulart-policies.test\/?p=108"},"modified":"2025-02-17T15:29:55","modified_gmt":"2025-02-17T20:29:55","slug":"access-control-policy","status":"publish","type":"post","link":"https:\/\/politiques.boulart.com\/en\/it-en\/access-control-policy\/","title":{"rendered":"Access Control Policy"},"content":{"rendered":"\n<div class=\"wp-block-group has-small-font-size is-horizontal is-content-justification-left is-nowrap is-layout-flex wp-container-core-group-is-layout-af3ec496 wp-block-group-is-layout-flex\">\n<p><strong>Modified date<\/strong><\/p>\n\n\n<div class=\"wp-block-post-date__modified-date wp-block-post-date\"><time datetime=\"2025-02-17T15:29:55-05:00\">17 February 2025<\/time><\/div><\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Objective<\/h2>\n\n\n\n<p>The objective of this Policy is to establish the rules for granting, managing and revoking access to the Company\u2019s information systems and data.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Scope<\/h2>\n\n\n\n<p>This Policy applies to all permanent employees, contractual employees and third-party users with access to the Company\u2019s information systems.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Policy Statement<\/h2>\n\n\n\n<p>Access to the Company\u2019s information systems and data will be granted according to the least privilege principle, guaranteeing that the users have the minimum access level necessary to accomplish their duties.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Roles and Responsibilities<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>IT Department<\/strong>: responsible for the implementation and maintenance of the access control measures.<\/li>\n\n\n\n<li><strong>Managers<\/strong>: responsible for approval of access requests.<\/li>\n\n\n\n<li><strong>Employees<\/strong>: responsible for responsible use of their access privileges and reporting of every security incident.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Access Control Principles<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Least Privilege<\/strong>: the users\u2019 access will be limited to the information and resources necessary for their duties.<\/li>\n\n\n\n<li><strong>Role-based Access Control<\/strong>: the access permissions will be granted according to the user\u2019s role within the Company.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Access Control Measures<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Authentication: the users must authenticate themselves by using robust passwords and multi-factor authentication (MFA).<\/li>\n\n\n\n<li>Authorization: the access permissions will be granted according to the predefined roles and responsibilities.<\/li>\n\n\n\n<li>Monitoring and Audit: annual audits will be conducted to ensure compliance with the Access Control Policy.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Incident Management<\/h2>\n\n\n\n<p>Every suspected or confirmed security incident must be reported immediately to the IT Department. An investigation will be conducted by the Operational Security Centre and the appropriate measures will be applied.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Compliance with the Policy<\/h2>\n\n\n\n<p>Non-compliance with this Policy may result in disciplinary measures up to cancellation of the contract of employment.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Contact<\/h2>\n\n\n\n<p>For any questions or requests for information, we invite you to contact the person below, who will be happy to assist you.<\/p>\n\n\n\n<p>IT Director: <a href=\"ppilote@boulart.com\">Patrick Pilote<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Modified date Objective The objective of this Policy is to establish the rules for granting, managing and revoking access to the Company\u2019s information systems and data. Scope This Policy applies to all permanent employees, contractual employees and third-party users with access to the Company\u2019s information systems. Policy Statement Access to the Company\u2019s information systems and [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[25],"tags":[],"class_list":["post-108","post","type-post","status-publish","format-standard","hentry","category-it-en"],"acf":[],"_links":{"self":[{"href":"https:\/\/politiques.boulart.com\/en\/wp-json\/wp\/v2\/posts\/108","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/politiques.boulart.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/politiques.boulart.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/politiques.boulart.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/politiques.boulart.com\/en\/wp-json\/wp\/v2\/comments?post=108"}],"version-history":[{"count":2,"href":"https:\/\/politiques.boulart.com\/en\/wp-json\/wp\/v2\/posts\/108\/revisions"}],"predecessor-version":[{"id":157,"href":"https:\/\/politiques.boulart.com\/en\/wp-json\/wp\/v2\/posts\/108\/revisions\/157"}],"wp:attachment":[{"href":"https:\/\/politiques.boulart.com\/en\/wp-json\/wp\/v2\/media?parent=108"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/politiques.boulart.com\/en\/wp-json\/wp\/v2\/categories?post=108"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/politiques.boulart.com\/en\/wp-json\/wp\/v2\/tags?post=108"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}