16: Account Monitoring and Control

PF v1.0 References:

Control Statement

Actively manage the life cycle of system and application accounts – their creation, use, dormancy, deletion – in order to minimize opportunities for attackers to leverage them.

[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]


16.7: Establish Process for Revoking Access

Establish and follow an automated process for revoking system access by disabling accounts immediately upon termination or change of responsibilities of an employee or contractor . Disabling these accounts, instead of deleting accounts, allows preservation of audit trails.