πUser Access Deprovisioning
π§ Planning:
Selected due to risk of orphaned accounts. Pulled 12-month HR termination logs and matched to active system users.
π― Objectives:
-
Ensure timely revocation of access
-
Identify residual access after user separation
π Procedures:
-
Cross-referenced HR terminations with system logs
-
Tested termination to deactivation timing
-
Reviewed account disabling procedures
π Working Papers:
-
WP-ITGC-UD001: Deprovisioning control test -
Evidence: HR exit list, AD user status reports
π Findings:
-
β 3 accounts remained active >10 days post-termination
-
β οΈ Manual tickets not promptly closed
-
β οΈ No central oversight on deactivation timelines
π§° Tools Used:
HR termination reports, AD export, Excel, deactivation tracker
β Recommendations:
-
Enforce 24-hour deactivation SLA
-
Auto-disable accounts based on HR triggers
-
Implement reconciliation scripts between HR and AD
