💼 6.3 Periodic Identity Reviews

Contextual name: 💼 6.3 Periodic Identity Reviews
ID: /frameworks/cis-azure-v4.0.0/06/03
Located in: 💼 6 Identity Services

Description

Security Best Practices for Identity services should include operational reviews that periodically ensure the integrity and necessity of accounts and permissions. These operational practices should be performed regularly on a cadence that is based on your organization's policy or compliance requirements. NOTE: The recommendations in this section may not have a precise audit or remediation procedure because they may not be a configurable setting as much as they are an operative task that should be performed on a periodic basis.

Similar

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags
💼 6.3.1 Ensure that Azure admin accounts are not used for daily operations (Manual)			1
💼 6.3.2 Ensure that guest users are reviewed on a regular basis (Manual)			1
💼 6.3.3 Ensure that use of the 'User Access Administrator' role is restricted (Automated)			1
💼 6.3.4 Ensure that all 'privileged' role assignments are periodically reviewed (Manual)			1

Description​

Similar​

Sub Sections​

Description

Similar

Sub Sections