Identity and Access Management Standard

Identity and Access Management Standard

Identity and Access Management Standard describes the management of individuals, their authentication, authorization, and privileges within or across system and enterprise boundaries with the goal of increasing security and productivity while decreasing cost, downtime and repetitive tasks.

This standard documents the security requirements for identity and access management within the Company.

The objectives of the standard are to:

a. Provide a statement of intent describing how identity and access management will be carried out in accordance with the Information Security and other requirements

b. Describe any system functionality / parameters that are necessary to fulfil security requirements

This standard is intended to assist the Company in addressing risks related to management of identity and access including application and platform access. It’s audience consists of all IT security teams, contractors and outsourced service providers that are responsible for implementing and following this standard.

CONTENT

1. OVERVIEW
1.1 PROCEDURE OWNER
1.2 CLASSIFICATION
1.3 APPLICABLE REGULATIONS
1.4 RELATED [COMPANY] NORMS AND PROCEDURES
1.5 OBJECTIVES
1.6 AUDIENCE AND SCOPE
1.7 DOCUMENT SUPPORT
2. DEFINITIONS & ABBREVIATIONS
3. IDENTITY AND ACCESS CONTROL REQUIREMENTS
3.1 LOGICAL ACCESS PROCESS
3.2 LOGICAL ACCESS ADMINISTRATION
3.3 LEAST PRIVILEGE
3.4 REVIEW OF PERMISSIONS
3.5 PRIVILEGED ACCOUNTS
3.6 ACCOUNTABILITY
3.7 IDENTIFICATION AND AUTHENTICATION
3.8 SIGN-ON PROCESS
3.9 REVOCATION
3.10 PASSWORDS AND PINS
3.11 MONITORING AND LOGGING
3.12 AUDITING
3.13 USER AWARENESS
4. EXCEPTIONS
5. FINAL CONSIDERATIONS
5.1 DISCIPLINARY ACTIONS AGAINST PROCEDURE VIOLATION
5.2 DOCUMENT REVISION

Pages: 12

Review Identity and Access Management Standard.

Your email address will not be published. Required fields are marked *

Related Products:

€559.99

Purchase

This bundle contains all the products listed in the Identity and Access Management section. Take advantage of the 25% OFF when buying the bundle!

€79.99

Purchase

The objective of the Cryptographic Controls Standard is to outline the minimum information security controls which must be applied when cryptographic services and solutions are utilized by the Company. Specifically, this Standard focuses on key management requirements, acceptable algorithms, appropriate key lengths, and raises pertinent regulatory considerations relating to the use of cryptography.

€49.99

Purchase

The objective of this policy is to set the framework and regulations for controlling the logical access of users (employees and third-parties) to the Company information systems.

Get  Your Free Sample

Please use the form below to subscribe to our list and receive a free procedure template!
GET YOUR FREE TEMPLATE
>
close-link