PB 22164 - September 29, 2005 - USPS.com® - About

More documents

Recommendations

Info

92 POSTAL BULLETIN 22164 (9-29-05) For Contract Employees PDAs for contract employees must be approved and funded by their PCES manager. Their job duties must require after-hours communications, availability, or immediate communications capability to support the function of the organization. 9-4.5 Eligibility General Managers should consider these guidelines when determining the need to provide PDAs to noncritical positions: a. An employee’s job duties require after-hours communications to support the function of that employee’s organization. b. An employee’s job duties require immediate communications to support the function of that employee’s organization. Contract Employees Contract employee job duties must require after-hours communications, availability, or immediate communications capability to support the function of the organization. FLSA Non-Exempt and Bargaining Unit Employees FLSA non-exempt and bargaining unit employees are not eligible to receive PDAs. 9-4.6 Provisioning PDAs/Blackberry Outlook Account Requirement Users must have an ACE/Exchange (Outlook) account before a connection will be configured. No hardware or service will be provided for users who do not have an active Outlook account. For New Service To establish a new Blackberry device, complete the following steps: 1. Prepare and process an eBuy request, and obtain approval from your PCES manager. Cost and plan information is in the Cost&Rates.xls file located at: http://it-blackberry. The GL Account number is 54405. 2. Go to eAccess, request access, and choose ACE Blackberry at the “application requested” prompt. Complete all information requested and obtain approval. (The devices will be shipped to the requestor’s address specified on the eBuy.) 3. Complete the self-activation instructions detailed at: http://it-blackberry. Note: If you need help in activating your device, contact the IT Corporate Help Desk at 800-USPS-HELP (800-877-7435). When prompted by the Integrated Voice Response (IVR) system, say “BlackBerry.” 9-4.7 Help Desk Support Account Setup, Transfer, Problem Resolution Contact the IT Corporate Help Desk at 800-USPS-HELP (800-877-7435). When prompted, say “BlackBerry.” Note: For lost or stolen devices, contact the IT Help Desk immediately for assistance in disabling the device. After the device is disabled and it is reasonably determined that it is not recoverable, a replacement device can be obtained through the standard order process described here. Repair and Replacement Service Contact the IT Corporate Help Desk. For a hardware problem and/or broken device, the Blackberry may be replaced through warranty. See the process at: http://it-blackberry. 9-4.8 Inventory Tracking All PDAs must be inventoried and tracked using the national Asset Information Management System (AIMS). Headquarters Computing Infrastructure Services (HCIS), IT HCIS is responsible for entering and tracking (in AIMS) those PDAs assigned to Headquarters-domiciled employees. Area, District, and BMC IT Managers Area, district, and BMC managers are responsible for entering and tracking PDAs issued to their field employees. 9-4.10 What To Do When a Position or Job Duty Changes General Because devices are assigned according to position, job duties, and/or responsibilities, you must do the following when there is a change: a. When a position is cancelled, return the device to the address below for reissue or inventory surplus as appropriate. WIRELESS AND PDA NATIONAL PROGRAM OFFICE 475 L’ENFANT PLAZA SW ROOM 2P659 WASHINGTON DC 20260-0651 b. When an employee leaves a position, return the device to the Wireless and PDA National Program Office for configuring and reissue to the new employee for that position. eAccess Update All transfers of Blackberry devices from one person to another must be supported by an update to the eAccess system. For contractors, the contracting officer representative (COR) must revoke access account; for postal employees, the PCES manager is responsible for revoking the account. * * * * * — Headquarters Computing Infrastructure Services, Information Technology, 9-29-05
POSTAL BULLETIN 22164 (9-29-05) HANDBOOK AS-805 REVISION Information Security Effective September 29, 2005, Handbook AS-805, Information Security, is revised as follows to address: Gaining access to controlled areas. Updating the facility business continuance management planning section. Registering applications in eAccess. Implementing an acceptance of responsibility letter for documented vulnerabilities that will not be mitigated. Implementing patch management of information resources. Updating Appendix A. Updating Appendix B. We will incorporate these revisions into the next online update of Handbook AS-805 available on the Postal Service PolicyNet Web site: Go to http://blue.usps.gov. Under “Essential Links” in the left-hand column, click on References. Under “References” in the right-hand column, under “Policies,” click on PolicyNet. Then click on HBKs. (The direct URL for the Postal Service PolicyNet Web site is http://blue.usps.gov/cpim.) Handbook AS−805, Information Security * * * * * 7 Physical and Environmental Security * * * * * 7-2 Roles and Responsibilities * * * * * 7-2.6 All Personnel All personnel are responsible for the following: * * * * * [Reletter current items b through e as new items d through g. Add new items b and c to read as follows:] b. Always using their physical and technology electromechanical access control identification badge or device to gain entrance to a controlled area. c. Ensuring no one tailgates into a controlled area on their badge. * * * * * 93 7-3 Facility Security * * * * * 7-3.1 Physical Access Controls * * * * * 7-3.1.3 Access to Controlled Areas [Revise 7-3.1.3 to read as follows:] Access to controlled areas is restricted to personnel whose duties require access to such facilities and who possess appropriate security clearances. Access to controlled areas must be authorized and tailgating is not allowed. Access to controlled areas must be controlled by electromechanical means. Personnel authorized access to the controlled areas must always use their physical and technology electromechanical access control identification badge or device to gain entrance to the controlled area. It is their responsibility to ensure no one tailgates on their badge. Personnel without an authorized physical and technology electromechanical access control identification badge or device must be escorted by authorized personnel while in the controlled area. * * * * * [Revise the title and text of 7-3.4 to read as follows:] 7-3.4 Facility Business Continuance Management Planning Physical security requirements must be included in facility business continuance management (BCM) planning to ensure the appropriate protection of information resources following a catastrophic event (see Chapter 12). * * * * * 8 System, Applications, and Product Development * * * * * 8-2 Roles and Responsibilities * * * * * 8-2.6 Portfolio Managers Portfolio managers are responsible for the following: * * * * * [Reletter current items e through g as new items f through h. Add new item e to read as follows:] e. If a documented vulnerability will not be mitigated, preparing and signing an acceptance of responsibility letter as part of the ISA process. * * * * *
Page 2 and 3:
2 POSTAL BULLETIN 22164 (9-29-05) C
Page 4 and 5:
4 POSTAL BULLETIN 22164 (9-29-05) P
Page 6 and 7:
6 POSTAL BULLETIN 22164 (9-29-05) C
Page 8 and 9:
8 POSTAL BULLETIN 22164 (9-29-05) N
Page 10 and 11:
10 POSTAL BULLETIN 22164 (9-29-05)
Page 12 and 13:
Page 14 and 15:
Page 16 and 17:
Page 18 and 19:
Page 20 and 21:
Page 22 and 23:
Page 24 and 25:
Page 26 and 27:
Page 28 and 29:
Page 30 and 31:
Page 32 and 33:
Page 34 and 35:
Page 36 and 37:
Page 38 and 39:
Page 40 and 41:
Page 42 and 43: 42 POSTAL BULLETIN 22164 (9-29-05)
Page 136: 475 L’ENFANT PLAZA SW WASHINGTON
show all

PB 22164 - September 29, 2005 - USPS.com® - About

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?