πΌ CC6.3-2 Removes Access to Protected Information Assets
- Contextual name: πΌ CC6.3-2 Removes Access to Protected Information Assets
- ID:
/frameworks/soc-2/cc6/03/02 - Located in: πΌ CC6.3 The entity authorizes, modifies, or removes access to data, software, functions, and other protected information assets based on roles, responsibilities, or the system design and changes, giving consideration to the concepts of least privilege and segregation of duties, to meet the entity's objectives.
Descriptionβ
Processes are in place to remove access to protected information assets when an individual no longer requires access.
Similarβ
- Internal
- ID:
dec-c-31c79d5f
- ID:
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (3)β
| Policy | Logic Count | Flags |
|---|---|---|
| π Google GCE Instance is configured to use the Default Service Account π’ | 1 | π’ x6 |
| π Google GCE Instance is configured to use the Default Service Account with full access to all Cloud APIs π’ | 1 | π’ x6 |
| π Google IAM Service Account has admin privileges π’ | 1 | π’ x6 |