Back

Report on the percentage of information assets with defined user privileges that have been assigned based on role and according to policy.


CONTROL ID
02054
CONTROL TYPE
Actionable Reports or Measurements
CLASSIFICATION
Detective

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Establish, implement, and maintain an identification and classification of information assets metrics program., CC ID: 02052

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • The purpose of this measurement is to measure the percentage of information assets with defined access privileges that have been assigned based on role and in accordance with policy. (ยง 18.2, IIA Global Technology Audit Guide (GTAG) 1: Information Technology Controls)
  • The organization must measure and report on the percentage of information assets with defined access privileges that have been assigned based on role and in accordance with policy. (ISPE12.2, CISWG Information Security Program Elements, 10-Jan-05)