In formulating an account management policy, implement the following and document the formulated policy.
Identify the necessary roles of the relevant system based on "Types of user". Additionally, organize personnel for each role.
Organize accounts with the appropriate privileges for each role, and decide on account policies.
Database administrator account
Organize separate accounts for database administrators and database operators
Ensure that the database administrator account can only be used by specific persons
Perform tasks that do not require database administrator privileges using a separate account without database administrator privileges
General account
Create an account for general users by application usage.
Review the accounts in order to effectively implement security measures.
Regularly check the accounts mentioned above and their privileges, and determine if they are still appropriate
If there have been system or operational changes, review the accounts and privileges
If unsuitable accounts and privileges are discovered, modify them as required
