1. Purpose
This policy defines how AFINCE grants, reviews, modifies, and removes access to systems that process personal information, read-only financial data, support records, or logs, or that provide administrative functions.
2. Principles
- Least privilege: access is limited to the minimum needed for approved work.
- Need to know: sensitive data access is restricted to operational, support, security, or legal needs.
- Separation of duties: privileged changes should not be made without appropriate accountability.
- Traceability: privileged access and sensitive administrative actions should be attributable to an individual account where practical.
3. Access Approval
New access to production, financial-data, authentication, database, hosting, analytics, and support systems must be approved by an owner or administrator. Shared accounts are avoided where practical. Administrative access is granted only when required.
4. Privileged Access
Privileged accounts must use strong authentication and MFA where supported. Administrative access should be time-limited or removed when no longer required. Production data access is limited to support, troubleshooting, security, legal, or operational needs.
5. Reviews and Offboarding
Access should be reviewed periodically and whenever a person's role changes. Access is removed promptly when a team member, contractor, vendor, or service no longer requires it.
6. Logging and Monitoring
AFINCE maintains logs for security-relevant administrative actions where supported by the platform. Logs may be reviewed for support, security investigation, compliance, and abuse prevention.
7. Vendors
Vendor access is limited to the minimum needed to provide services. Vendors that process sensitive information should provide appropriate security and confidentiality commitments.
8. Exceptions
Exceptions may be approved for operational need, but should be documented, limited in scope, and reviewed for removal.
