CISOBot - Your AI CISO Assistant

IAC-17

Periodic Review of Account Privileges

Weight: 10/10
Description

Mechanisms exist to periodically review the privileges assigned to individuals and service accounts to validate the need for such privileges and reassign or remove unnecessary privileges, as necessary.

Control Question

Does the organization periodically review the privileges assigned to individuals and service accounts to validate the need for such privileges and reassign or remove unnecessary privileges, as necessary?

Control Metadata

Domain: Identification & Authentication

Validation Cadence: Annual

Evidence Request List: E-HRS-12, E-HRS-14, E-IAM-01

Framework Mappings

This control maps to the following compliance frameworks:

MAS TRM: 9.1.6

HKIA GL20: 3.1, 3.2, 3.3, 3.4
