Determine Business Rules for Resources
Jump to navigation
Jump to search
| Go back |
|---|
For each resource you identified, you must now collect or document its access policy.
It is likely that all of the identified resources already have documented access policies. For example, a resource's access policy might be as simple as the following:
- Any user who is a sworn law enforcement officer may access this resource.
Or a resource's access policy might be more complicated, such as this:
- The user must be a sworn law enforcement officer.
- The user must also have NCIC certification and criminal history privileges.
Many resources with their access policies are listed on the NIEF federation Web site at https://nief.org/ for NIEF participants.
In the unlikely event that your organization does not already have documented access control policies, you will need to work through the process of writing them and getting the appropriate approval(s) to provide those resources to federation members.
| Go back |
|---|