>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

IAM-03Logical Access De-provisioning

>Control Description

Logical access that is no longer required in the event of a termination is documented, communicated to management, and revoked.

Theme

Process

Type

Preventive

Policy/Standard

Access Management Procedure

>Implementation Guidance

1. Design and document a process for Logical Access and requirements for access de-provisioning. 2. Ensure access termination logic is mandated in the access management portal accordingly.

>Testing Procedure

1. Inspect Organization's Logical Access Account Standard to determine whether the requirements for access de-provisioning or terminations were defined. 2. Inspect the list of system generated population of terminated full-time and temporary employees and contractors from the HR system. 3. Inspect configurations to determine that user accounts are disabled after they are no longer required.. 4. Inspect removals from the access management tool for a selection of terminations.

>Audit Artifacts

E-IAM-01
E-IAM-02
E-IAM-07

>Framework Mappings

Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.

NIST CSF
1

PR.AC-1

CIS Controls
2

6.2
15.7

FedRAMP Rev 5
3

AC-02
PS-04
AC-02 (02)

PCI DSS
2

8.2.4
8.2.5

HIPAA Security Rule
7

164.308(a)(3)(i)
164.308(a)(3)(ii)(B)
164.308(a)(3)(ii)(C)
164.308(a)(4)(i)
164.308(a)(4)(ii)(C)
164.312(a)(1)
+1 more

SOC 2
2

CC6.2
CC6.3

Cyber Essentials
2

UAC
SC

BSI C5
4

IDM-01
IDM-02
IDM-03
IDM-04

TX-RAMP
2

AC-2
PS-4

Ask AI

Configure your API key to use AI features.