Prev Question
Next Question

Which of the following is the BEST practice to ensure that access authorizations are still valid?

A.
information owner provides authorization for users to gain access

B.
identity management is integrated with human resource processes

C.
information owners periodically review the access controls

D.
An authorization matrix is used to establish validity of access

Explanation:
Personnel and departmental changes can result in authorization creep and can impact the
effectiveness of access controls. Many times when personnel leave an organization, or employees
are promoted, transferred or demoted, their system access is not fully removed, which increases
the risk of unauthorized access. The best practices for ensuring access authorization is still valid is
to integrate identity management with human resources processes. When an employee transfers
to a different function,access rights are adjusted at the same time.

Prev Question
Next Question
Tagged:

Leave a Reply

Your email address will not be published. Required fields are marked *