Request Security Access Reports
Request Security Access Reports: Agency Security Officers (ASO) may have a need to request security access reports outside of the normal distribution schedule. ASOs may also require reports on user activity, such as the dates that a user logged in, a user’s after hours log in times, etc.
Agency Security Officers Requiring Security Access Reports should contact the Operations and Security Center Reporting Team via NFC ServiceNow or send inquiries to ocio-disc-ehsd-sdceb-sd-reporting@usda.gov.
Review Security Access Reports
Agency Security Officers must view security access reports at least quarterly to ensure that users’ access is commensurate with their job responsibilities. Agency Security Officers must also ensure at least quarterly that users’ accounts are assigned the least privileged access required to complete their job functions, and that users’ accesses enforce separation of duties. If separation of duties cannot be enforced, for example, due to limited staffing, Agency Security Officers should ensure that compensating controls, such as reports to monitor user activity, are in place.
If Agency Security Officers determine that access changes are required as a result of reviewing these reports, it is the Agency Security Officers’ responsibility to take the necessary action to request modification of the security access and keep accurate records of those changes (report distribution e-mails, security access request e-mails, etc.) as proof that as a result of the report review, the necessary access changes were made.