💼 A.9.2.2 User access provisioning
- ID:
/frameworks/iso-iec-27001-2013/09/02/02
Description
A formal user access provisioning process shall be implemented to assign or revoke access rights for all user types to all systems and services.
Similar
- Internal
- ID:
dec-c-e577f51c
- ID:
Similar Sections (Give Policies To)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 NIST CSF v1.1 → 💼 PR.AC-1: Identities and credentials are issued, managed, verified, revoked, and audited for authorized devices, users and processes | 19 | 34 | no data |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (4)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ AWS Account Root User credentials were used is the last 30 days🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS EC2 Instance IAM role is not attached🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS IAM User has inline or directly attached policies🟢 | 1 | 🟠 x1, 🟢 x5 | no data |
| 🛡️ Azure App Service is not registered with Microsoft Entra ID🟢 | 1 | 🟢 x6 | no data |
Internal Rules
| Rule | Policies | Flags |
|---|---|---|
| ✉️ dec-x-1fc681bc | 1 | |
| ✉️ dec-x-6c93750d | 1 | |
| ✉️ dec-x-4157c58a | 1 | |
| ✉️ dec-x-e58fd8e0 | 1 |