Internal Access Control to Agent Systems. 9.1. Allocation and use of privileges within the Agent systems will be restricted and controlled using appropriate procedures for authorization and control. 9.2. Appropriate mechanisms for user authentication and authorization will be maintained in accordance with a “least privilege” policy based on need to know for the role. 9.3. Controls will be maintained to enforce rigorous access restrictions for remote users. contractors and service providers. 9.4. Timely and accurate administration of user accounts and authentication management will be implemented. including a periodic recertification process. based on the criticality of the system. 9.5. The following processes will be maintained: processes to ensure assignment of unique IDs to each person with system access; processes to ensure Agent-supplied defaults for passwords and security parameters are changed and appropriately managed; processes to disable access to inactive accounts or accounts of terminated/transferred users in a timely manner.
Appears in 4 contracts
Samples: Service Agreement for Transfer Agent Services (John Hancock Premium Dividend Fund), Service Agreement for Transfer Agent Services (John Hancock Tax-Advantaged Global Shareholder Yield Fund), Service Agreement for Transfer Agent Services (John Hancock Investors Trust)
