| 📝 AWS CloudTrail Root Account Usage Monitoring is not enabled 🟢 | | 🟢 x3 |
| 📝 AWS IAM User has inline or directly attached policies 🟢 | 1 | 🟠 x1, 🟢 x5 |
| 📝 AWS IAM User is not managed centrally in multi-account environments 🟢 | | 🟢 x3 |
| 📝 Microsoft Entra ID Admin accounts are not used for daily operations 🟢 | | 🟢 x3 |
| 📝 Microsoft Entra ID Guest Invite Settings is not set to Only Users Assigned To Specific Admin Roles Can Invite Guest Users 🟢 | 1 | 🟢 x6 |
| 📝 Microsoft Entra ID Guest Users are not reviewed on a regular basis 🟢 | | 🟢 x3 |
| 📝 Microsoft Entra ID Guest Users restricted to their own directory objects 🟢 | 1 | 🟢 x6 |
| 📝 Microsoft Entra ID Owners Can Manage Group Membership Requests In The Access Panel is set to Yes 🟢 | | 🟢 x3 |
| 📝 Microsoft Entra ID Restrict User Ability To Access Groups Features In The Access Pane is set to No 🟢 | | 🟢 x3 |
| 📝 Microsoft Entra ID User Consent For Applications is not set to Allow From Verified Publishers 🟢 | | 🟢 x3 |
| 📝 Microsoft Entra ID User Consent For Applications is not set to Do Not Allow User Consent 🟢 | | 🟢 x3 |
| 📝 Microsoft Entra ID User Settings Restrict Access To Microsoft Entra Admin Center is set to No 🟢 | | 🟢 x3 |
| 📝 Microsoft Entra ID Users Can Create Microsoft 365 Groups In Azure Portals, API Or PowerShell is set to Yes 🟢 | | 🟢 x3 |
| 📝 Microsoft Entra ID Users Can Create Security Groups In Azure Portals, API Or PowerShell is set to Yes 🟢 | | 🟢 x3 |
| 📝 Microsoft Entra ID Users Can Register Applications is set to Yes 🟢 | 1 | 🟢 x6 |
| 📝 Snowflake User Default Role is ACCOUNTADMIN 🟢 | 1 | 🟢 x6 |
| 📝 Snowflake User Default Role is not set 🟢 | 1 | 🟢 x6 |