>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

IAM-08Shared Logical Accounts: Group Member

>Control Description

Passwords for shared and group accounts are reset when a member of the shared group leaves.

Theme

Process

Type

Preventive

Policy/Standard

Access Management Procedure

>Implementation Guidance

1. Design and document a process for Password Policy and requirements for changing password of shared and group accounts. 2. Ensure that the password is changed if a member of the shared group leaves.

>Testing Procedure

1. Inspect Organization's password policy and check requirement for changing the password for shared and group accounts are clearly defined. 2. Inspect shared credential storage tools to check the operational effectiveness and ensure passwords are changed when a member of the shared group leaves.

>Audit Artifacts

E-IAM-16
E-IAM-11

>Framework Mappings

Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.

PCI DSS
2

8.2.2
8.2.5

Ask AI

Configure your API key to use AI features.