| 1. The system administrator and project manager shall determine if it is necessary to assign group accounts to support system operations and mission. |
2. Once it is determined that group accounts are required to support system maintenance and operations and/or network access, the system administrator and the project manager shall determine if group authenticators can be used based on the DOD PKI.
3. If the DOD PKI can be used, the system administrator shall coordinate with the DOD PKI Program Office for use of group accounts.
4. If the DOD PKI cannot be used, the project manager submits a request for an approval to DAA and obtains an approval from DAA.
5. For the group accounts to support application maintenance and functions or network access, the system and network administrators shall perform the following:
· Identify individual groups that require group accounts
· Identify users for each group, maintain the list of users, and update the list
· Determine the group accounts depending on group functions
· Assign individual group accounts and a unique password for individual groups
· Distribute the passwords to the users securely