SB.10.001 Privilege account monitoring
Creation of new accounts with privileged authorisations, mutations in user groups through which privileged authorisations can be obtained and changes in passwords for non-personal privileged accounts are approved
Potential abuse cases for the (attempted) use of privileged authorisations are defined and monitoring impemented for these cases. False positive situations are approved by the System Owner before being allowed.
An audit trail on priviliged accounts is available. Approval is stored in a durable manner and kept for at least one year.