Page 51 - 4-Level Funnel Diagram Design for PowerPoint

Access is Periodically Monitored

STEP 3

• A report of user access capability and role is periodically reviewed to validate current user role assignment.

• This report would include the user account; the person's name, job title, location, and application role; and other information that will allow the reviewer to validate the appropriateness of users and roles.

• Be aware that these reports may show the user and a role but may not show any additional access capability assigned.

[Funnel diagram level: Access]

• Reviewers are trained on the manner in which such reviews are to be performed.
  o If audit trails exist, user's activity within the application could also be reviewed. Such a review is highly dependent on the audit trails within the application.
  o Activity of users with privileged access capability is a primary area for evaluation.
  o Unauthorized changes to system resources, like configuration parameters, should be reviewed.
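As an added example (not part of the original slides), a small Python check a reviewer could run over an access report: it flags roles that do not fit the person's job title, marks privileged roles for priority activity review, and, addressing the caveat that the report may omit access assigned outside the role, compares each account's actual entitlements with those its role implies. The report rows, role catalogue and entitlement sets are all constructed sample data.

```python
# Constructed sample rows, with the fields the slide lists for an access report.
ACCESS_REPORT = [
    {"account": "jdoe",   "name": "Jane Doe",   "title": "AP Clerk", "location": "Dallas", "role": "AP_ENTRY"},
    {"account": "msmith", "name": "Mark Smith", "title": "AP Clerk", "location": "Dallas", "role": "AP_ADMIN"},
    {"account": "rlee",   "name": "Rita Lee",   "title": "Sysadmin", "location": "Austin", "role": "AP_ADMIN"},
]

# Hypothetical role catalogue: which roles are privileged and which job titles they are meant for.
ROLE_CATALOGUE = {
    "AP_ENTRY": {"privileged": False, "expected_titles": {"AP Clerk"}},
    "AP_ADMIN": {"privileged": True,  "expected_titles": {"Sysadmin", "AP Manager"}},
}

# Constructed: entitlements each role implies, and what the application actually grants per account.
# The slide warns the report may not show access assigned outside the role, so compare against this.
ROLE_ENTITLEMENTS = {
    "AP_ENTRY": {"invoice.create"},
    "AP_ADMIN": {"invoice.create", "invoice.approve", "config.edit"},
}
ACTUAL_ENTITLEMENTS = {
    "jdoe":   {"invoice.create", "invoice.approve"},   # direct grant beyond the role
    "msmith": {"invoice.create", "invoice.approve", "config.edit"},
    "rlee":   {"invoice.create", "invoice.approve", "config.edit"},
}


def review_access(report, catalogue, role_ents, actual_ents):
    """Return {account: [findings]} for the reviewer; an empty list means nothing to question."""
    findings = {}
    for row in report:
        acct, role = row["account"], row["role"]
        issues = []
        meta = catalogue.get(role)
        if meta is None:
            issues.append(f"unknown role {role}")
        else:
            if row["title"] not in meta["expected_titles"]:
                issues.append(f"role {role} not expected for title '{row['title']}'")
            if meta["privileged"]:
                issues.append("privileged role: prioritise activity review")
        # Access the report would not show: granted directly, not implied by the role.
        extra = actual_ents.get(acct, set()) - role_ents.get(role, set())
        if extra:
            issues.append("access beyond role: " + ", ".join(sorted(extra)))
        findings[acct] = issues
    return findings


if __name__ == "__main__":
    for acct, issues in review_access(ACCESS_REPORT, ROLE_CATALOGUE, ROLE_ENTITLEMENTS, ACTUAL_ENTITLEMENTS).items():
        print(acct, "->", issues or ["ok"])
```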