2.4.

User Profile Management

2.4.6.1

Application for User Profile

2.4.6.1.1

User may secure a System Profile Application

Form (SPAF) or Internet and Email Application
Form (IEAF) from the PVB Intranet Portal or IT-SAD.
The SPAF/IEAF shall contain pertinent information
regarding the user and nature of request. See Exhibit
4.1 and 4.4

2.4.6.1.2.

The user shall be responsible for accomplishing

the SPAF/IEAF and seeking advice for appropriate
access level and other specifications with proper
endorsement from the
group/division/department/branch manager.

2.4.6.1.3.

All SPAFs / IEAFs shall be reviewed and

Authorized by the Division Head, or his designate.

2.4.6.1.4.

SPAFs / IEAFs submitted to IT-SAD shall be

Reviewed by the SSAD Head and approved by the ITSAD Head.

2.4.6.1.5.

The internet approval shall be made by the

CIO. In case of her absence, authorization and approval
shall be made by two signatories, the IT-SAD Head and
ITOD Head.

2.4.6.1.6.

Users who can access internal system should

Be required to sign an Acceptable-Use Policy (AUP)
before using the system. Refer to procedure on
Appendix F and Exhibit 4.14
-Acceptable Use Policy Form.

2.4.6.4. Handling Locked Out User Profiles

2.4.6.4.1.

User accounts may be locked out in cases of

Of exhaustion of password retires.

2.4.6.4.2.

The user shall report lock out directly to the

DB Administrator through a System Profile
Reactivation Form (SPRF). See Exhibit 4.2.

2.4.6.4.3.

The SPRF shall contain pertinent data about the

user(including SSS or TIN) for validation/verification.

2.4.6.4.4.

The user shall be responsible for accomplishing

The SPRF and seeking endorsement from the
Department/Branch Manager and approved by the
Division Head.

2.4.6.4.5.

Once validated, the DBA shall seek approval

From the IT-SAD Head.

2.4.6.4.6.

User account shall not be reactivated without

The review of SSAD Head and approval of the IT-SAD
Head.

2.4.6.4.7.

Once a lock out is detected and fixed, such

Incident shall be logged in the EPMS.