UCF ID: 02090 |
Control Type: Actionable Reports or measurements |
Status: Live |
Metric guidance
Calculation: The calculation for this metric is # of computer user accounts assigned to personnel who have left the organization or no longer have need for access that have been closed / # of user accounts.
Calculation source: No authority document source of information exists. The following formula was used: the number of user accounts that have been closed because the user left the organization or no longer needs access to the system in accordance with policies, standards, and procedures divided by the number of user accounts for each business unit (or the organization as a whole) .
The Common Control IDs associated with this metric are as follows:
- • Revoke the access of terminated users immediately. [UCF Control ID 00516]
• Deny access to restricted data or information immediately upon termination. [UCF Control ID 01309]
• Disable all unnecessary user IDs. [UCF Control ID 02185]
• Review access capabilities when a user's status changes. [UCF Control ID 00524]
• Review or terminate accounts and access rights upon personnel job change and termination. [UCF Control ID 00788]
Supporting and supported controls
This control directly supports:
- • Establish and maintain a user account management metrics program. [UCF Control ID 02075]
There are no supporting controls.
Authority documents complied with:
CISWG Information Security Program Elements, January 10,2005, ISPE19.2
US Federal Security Guidance
The organization must measure and report on the percentage of computer user accounts assigned to personnel who have left the organization or no longer have need for access that have been closed. Computer accounts include user accounts as well as system, group, application, or super user accounts. [ISPE19.2, CISWG Information Security Program Elements, January 10,2005]
Copyright 2005-2009 Unified Compliance Framework™. All rights reserved.