IT Examiner School, Seaside, CA

Control Applications

Different stages of control include:

• Preventative

• Detective

• Corrective

User Access Rights

• Process – add, delete, change access rights • Remove/restrict access (AD – Active Directory) • Periodic reviews/ re-approval based on changes (promotion, demotion, job function) • Assignment of user rights (based on Job Function) • Time of day/ day of week restrictions • Prohibit shared privileged access by multiple users • Authentication based on user profile • Logging/review of privileged access (administrator access)