Text of Recommendation | DO management should: Develop policies and procedures for performing the quarterly review and reauthorization of privileged OS access, which specify: How to document the review of user access for continued appropriateness and the resulting determinations. Assignment of individual(s) responsible for performing the review(s) across the various privileged OS domains/groups/accounts, who are independent of the access they review and are of the appropriate authority. Identification/Inventory of the privileged OS domains/groups/accounts that are subject to review, to include any privileged OS service groups/accounts. |
---|---|
Recommendation Number | 2-1 |
Recommendation Status | Open |
Significant Recommendation | Yes |
Recommendation Questioned Costs | $0 |
Recommendation Funds for Better Use | $0 |
Submitting OIG | |
---|---|
Linked Report |