Which of the following is the BEST course of action that the security officer can take to avoid repeat audit findings?

A security audit has uncovered a lack of security controls with respect to employees’ network
account management. Specifically, the audit reveals that employees’ network accounts are not
disabled in a timely manner once an employee departs the organization. The company policy
states that the network account of an employee should be disabled within eight hours of
termination. However, the audit shows that 5% of the accounts were not terminated until three
days after a dismissed employee departs. Furthermore, 2% of the accounts are still active.
Which of the following is the BEST course of action that the security officer can take to avoid
repeat audit findings?

A. Review the HR termination process and ask the software developers to review the identity
management code.

B. Enforce the company policy by conducting monthly account reviews of inactive accounts.

C. Review the termination policy with the company managers to ensure prompt reporting of
employee terminations.

D. Update the company policy to account for delays and unforeseen situations in account
deactivation.


