- Periodic reviews: a manual review of access settings for detection mistakes.-User access overview – user and assigned review the role / responsibility / group.
- Role / Responsibility / Group review – role review or responsibility to check what is being made.
- Critical Access Review – User Review at increased access.
- Review of segregation of duties – user review for access combinations are forbidden by company policy.
- Security configuration overview – system configuration overview.
- Automated monitoring: systematic monitoring access to detect errors – shortens the exposure period due to errors or access violations.
-Firewall / Intrusion monitoring.
-Access monitoring and SOD.
– system settings, code or scripts that enforce control password settings
– password requirements configuration
– configuration of approval paths in the system
- Transactional:- transactional controls
– approval of granting access- approving requests for access
– terminating access
– deletion of access when it is no longer required