Access certification
| Alternative names | Access review, Re-certification, Access re-certification, Attestation |
|---|---|
| Status | supported |
Description
Access certification is a review process aimed at reduction of unnecessary access in the system. It works by requesting certification of an access, a process where appropriate reviewers have to certify that access provided to users is still needed. Certifications are often carried out in a form of certification campaigns, certifying access of many users at once. Alternatively, small micro-certifications can be triggered, certifying access of one particular user.
Documentation
| Version | Introduction | Guides | Configuration | Examples | Plans |
|---|---|---|---|---|---|
| 4.9 | Access Certification |
||||
| Development | Access Certification |
||||
| 4.8 | Access Certification |
Related Features
Compliance
This feature is related to the following compliance frameworks:
-
ISO/IEC 27001 5.2: Information security roles and responsibilities
-
ISO/IEC 27001 5.19: Information security in supplier relationships
-
ISO/IEC 27001 5.20: Addressing information security within supplier agreements
-
ISO/IEC 27001 5.21: Managing information security in the ICT supply chain
-
ISO/IEC 27001 5.22: Monitoring, review and change management of supplier services
-
ISO/IEC 27001 5.31: Legal, statutory, regulatory and contractual requirements
-
ISO/IEC 27001 5.36: Compliance with policies, rules and standards for information security
-
ISO/IEC 27001 6.3: Information security awareness, education and training
-
ISO/IEC 27001 6.6: Confidentiality or non-disclosure agreements
-
ISO/IEC 27001 8.27: Secure system architecture and engineering principles