Screen Reader Mode Icon
What Access Control Management Means:

The processes and tools used to create, assign, manage, and revoke access credentials and privileges for user, administrator, and service accounts for enterprise assets and software. Does your organization…

Question Title

* 1. Establish and follow a process, preferably automated, for granting access to enterprise assets upon new hire, rights grant, or role change of a user.

Question Title

* 2. Establish and follow a process, preferably automated, for revoking access to enterprise assets, through disabling accounts immediately upon termination, rights revocation, or role change of a user. Disabling accounts, instead of deleting accounts, may be necessary to preserve audit trails.

Question Title

* 3. Require all externally exposed enterprise or third-party applications to enforce MFA, where supported. Enforcing MFA through a directory service or SSO provider is a satisfactory implementation of this Safeguard.

Question Title

* 4. Require MFA for remote network access

Question Title

* 5. Require MFA for all administrative access accounts, where supported, on all enterprise assets, whether managed on-site or through a third-party provider.

Question Title

* 6. Establish and maintain an inventory of the enterprise’s authentication and authorization systems, including those hosted on-site or at a remote service provider. Review and update the inventory, at a minimum, annually, or more frequently.

Question Title

* 7. Centralize access control for all enterprise assets through a directory service or SSO provider, where supported.

Question Title

* 8. Define and maintain role-based access control, through determining and documenting the access rights necessary for each role within the enterprise to successfully carry out its assigned duties. Perform access control reviews of enterprise assets to validate that all privileges are authorized, on a recurring schedule at a minimum annually, or more frequently.

0 of 8 answered
 

T