Which of the following is the BEST practice to ensure that access authorizations are still valid?
information owner provides authorization for users to gain access
identity management is integrated with human resource processes
information owners periodically review the access controls
An authorization matrix is used to establish validity of access
Personnel and departmental changes can result in authorization creep and can impact the
effectiveness of access controls. Many times when personnel leave an organization, or employees
are promoted, transferred or demoted, their system access is not fully removed, which increases
the risk of unauthorized access. The best practices for ensuring access authorization is still valid is
to integrate identity management with human resources processes. When an employee transfers
to a different function,access rights are adjusted at the same time.