Controls

Terug naar overzicht
Version

SB.10.001 Privilege account monitoring

Logging & Monitoring
Medium
Medium
Medium
System Owner
v2.0 (Q1 2024)

Description

Creation of new accounts with privileged authorisations, mutations in user groups through which privileged authorisations can be obtained and changes in passwords for non-personal privileged accounts are approved

Potential abuse cases for the (attempted) use of privileged authorisations are defined and monitoring impemented for these cases. False positive situations are approved by the System Owner before being allowed.

Specification

An audit trail on priviliged accounts is available. Approval is stored in a durable manner and kept for at least one year.

Specification

ISO

NBA