NeftalyApp Courses Partner Invest Corporate Charity Divisions

Neftaly Staff

Neftaly Email: sayprobiz@gmail.com Call/WhatsApp: + 27 84 313 7407

Neftaly Human Capital End-User and Account Management Policy, Procedures, Processes, Templates, Documents and Forms NeftalyP174

Document Code: NeftalyP174
Approved By: Chief Executive Officer (CEO)
Date Approved: 31 October 2025
Review Date: 28 November 2026

Policy Owner: Neftaly Chief Human Capital Officer, NeftalyCHCR

NeftalyP174-1 Overview

NeftalyP174-1-1 The Neftaly Human Capital End-User and Account Management Policy (NeftalyP174) provides a structured framework for managing all digital accounts, access rights, and end-user responsibilities within Neftaly. This ensures secure, efficient, and compliant management of organizational systems and data.

NeftalyP174-2 Purpose

NeftalyP174-2-1 The purpose of this policy is to:

  • NeftalyP174-2-1-1 Establish clear guidelines for account creation, access, usage, and termination.
  • NeftalyP174-2-1-2 Protect organizational data and digital resources from unauthorized access.
  • NeftalyP174-2-1-3 Promote accountability, security awareness, and responsible use of IT systems.
  • NeftalyP174-2-1-4 Ensure compliance with legal, regulatory, and internal security standards.

NeftalyP174-3 Scope

NeftalyP174-3-1 This policy applies to:

  • NeftalyP174-3-1-1 All Neftaly Human Capital, including Officers, Deputy Chiefs, Royal Directors, and Non-Executive Members.
  • NeftalyP174-3-1-2 All organizational systems, platforms, applications, and digital resources requiring user accounts.
  • NeftalyP174-3-1-3 External partners, contractors, or vendors granted access to Neftaly systems.

NeftalyP174-4 Policy Statement

NeftalyP174-4-1 Neftaly is committed to ensuring that all end-users access organizational systems securely and responsibly. Accounts are issued, monitored, and revoked in accordance with role-based requirements, organizational policies, and security standards. Unauthorized access, sharing credentials, or misuse is strictly prohibited.

NeftalyP174-5 Core Principles

  • NeftalyP174-5-1 Authorization: Access is granted based on role, responsibility, and operational need.
  • NeftalyP174-5-2 Confidentiality: Account credentials and sensitive information must remain secure.
  • NeftalyP174-5-3 Accountability: Users are responsible for all actions performed under their accounts.
  • NeftalyP174-5-4 Compliance: Adherence to organizational and regulatory standards is mandatory.
  • NeftalyP174-5-5 Monitoring: Access and account activity are monitored to detect misuse or breaches.

    NeftalyP174-6 Procedures and Processes

    NeftalyP174-6-1 Account Creation and Assignment

    • NeftalyP174-6-1-1 Requests for new accounts must be submitted using NeftalyF174-01 Account Request Form.
    • NeftalyP174-6-1-2 CHCO and IT administrators review and approve access based on role and security requirements.
    • NeftalyP174-6-1-3 All accounts are provisioned with unique credentials and assigned appropriate permissions.

    NeftalyP174-6-2 Account Usage

    • NeftalyP174-6-2-1 End-users must follow NeftalyT174-01 Account Usage Guidelines Template for secure and responsible use.
    • NeftalyP174-6-2-2 Multi-factor authentication is required where applicable.
    • NeftalyP174-6-2-3 Sharing of passwords or accounts is strictly prohibited.

    NeftalyP174-6-3 Access Review and Modification

    • NeftalyP174-6-3-1 Regular audits are conducted to review account access and privileges using NeftalyD174-01 Access Review Log.
    • NeftalyP174-6-3-2 Changes in roles, responsibilities, or status require timely modification of account permissions.

    NeftalyP174-6-4 Account Termination

    • NeftalyP174-6-4-1 Accounts must be deactivated immediately upon resignation, termination, or role change using NeftalyF174-02 Account Termination Form.
    • NeftalyP174-6-4-2 IT administrators ensure recovery or removal of organizational data from terminated accounts.

    NeftalyP174-6-5 Incident Management

    • NeftalyP174-6-5-1 Suspected account compromise or unauthorized access must be reported using NeftalyF174-03 Security Incident Report Form.
    • NeftalyP174-6-5-2 CHCO and IT administrators investigate incidents and implement corrective actions.

    NeftalyP174-6-6 Training and Awareness

    • NeftalyP174-6-6-1 Provide periodic training on account security, password management, and secure usage using NeftalyR174-01 End-User Security Training Template.
    • NeftalyP174-6-6-2 Maintain training records in NeftalyD174-02 Training Log.

    NeftalyP174-7 Roles and Responsibilities

    RoleResponsibilities
    Chief Executive Officer (CEO)Approves end-user and account management policy and ensures organizational alignment.
    Chief Human Capital Officer (CHCO)Oversees account management compliance, approves access requests, and coordinates with IT.
    Royal DirectorsEnsure team members follow policy, monitor compliance, and report incidents.
    Deputy ChiefsSupport end-user compliance and supervise proper account usage within their teams.
    OfficersFacilitate account provisioning, monitor usage, and report anomalies.
    Human CapitalUse accounts responsibly, safeguard credentials, and report incidents promptly.

    NeftalyP174-8 Documentation and Templates

    • NeftalyP174-8-1 NeftalyF174-01: Account Request Form
    • NeftalyP174-8-2 NeftalyF174-02: Account Termination Form
    • NeftalyP174-8-3 NeftalyF174-03: Security Incident Report Form
    • NeftalyP174-8-4 NeftalyT174-01: Account Usage Guidelines Template
    • NeftalyP174-8-5 NeftalyR174-01: End-User Security Training Template
    • NeftalyP174-8-6 NeftalyD174-01: Access Review Log
    • NeftalyP174-8-7 NeftalyD174-02: Training Log

    NeftalyP174-9 Compliance and Monitoring

    • NeftalyP174-9-1 CHCO and Royal Directors ensure adherence to this policy through audits, access reviews, and monitoring.
    • NeftalyP174-9-2 Violations, misuse, or negligence may result in corrective measures or disciplinary action.

    NeftalyP174-10 Review and Evaluation

    NeftalyP174-10-1 This policy will be reviewed annually by CHCO and approved by the CEO to ensure alignment with evolving security standards, organizational needs, and regulatory requirements.

    NeftalyP174-11 Frequently Asked Questions (FAQs)

    Q1: Who approves account access requests?
    A: CHCO and IT administrators approve access based on role and security requirements.

    Q2: Can accounts be shared among Human Capital?
    A: No, sharing of credentials or accounts is strictly prohibited.

    Q3: How are terminated accounts handled?
    A: Accounts are deactivated immediately, and organizational data is secured or removed.

    Q4: What should I do if I suspect my account is compromised?
    A: Report immediately using NeftalyF174-03 Security Incident Report Form.

    Q5: Is training required for end-users?
    A: Yes, periodic security and account usage training is mandatory.

    Approved By:
    Neftaly Malatjie
    Chief Executive Officer