Title Page
-
Site conducted
-
Conducted on
-
Prepared by
Data Collection & Analysis Phase
Compile User List
-
Compile User List: List all the users who have access to the resources in scope.
-
What Issues Were Found?
Gather Permission Sets
-
Gather Permission Sets: Identify what level of permissions each user has.
-
What Issues Were Found?
Fetch Historical Data
-
Fetch Historical Data: Retrieve logs to see when and how often users are accessing the resources.
-
What Issues Were Found?
Cross-Reference
-
Cross-Reference: Match users to their roles and the corresponding role-based permissions, if applicable.
-
What Issues Were Found?
Inactive Users
-
Inactive Users: Identify accounts that haven't been accessed in a long time.
-
What was found?
Over-Privileged Users
-
Over-Privileged Users: Identify accounts with more access than necessary for their role.
-
What was found?
Under-Privileged Users
-
Under-Privileged Users: Look for accounts that might need more access to perform their roles effectively.
-
What was found?
Unusual Activity
-
Unusual Activity: Flag any abnormal access patterns or behaviors.
-
What was the unusual activity?
Review & Remediation Phase
-
Internal Validation: IT admins review the findings and validate the anomalies.
-
What Issues were found?
-
Business Validation: Department heads or role owners confirm if the observed access levels are required or not.
-
Compliance Check: Ensure all access aligns with any compliance policies or laws that are relevant to your industry or company.
-
Documentation: Record findings, approvals, and any actions taken.
-
Revoking Access: Remove any unnecessary permissions or accounts.
-
What accounts were revoke permissions and what permissions were revoked?
-
Modifying Access: Adjust permissions to align with the principle of least privilege.
-
What Permissions?
-
User Notification: Inform users about the changes in their access levels, if necessary.
-
What users?
