Browse Definitions:
Definition

access recertification

Access recertification is an IT control that involves auditing user access privileges to determine if they are correct and adhere to the organization’s internal policies and compliance regulations. Access recertification is typically the responsibility of the organization’s Chief Information Security Officer (CISO) or Chief Compliance Officer (CCO) and may also be known as access attestation or entitlements review.

Access recertification can be carried out manually or programmatically. The first step in a manual recertification process is to extract and collate account information from the organization’s IT and business systems and distribute it in a format that will allow each manager to easily see what privileges each of his or her employees has been granted. Managers are then given a deadline for reviewing the information to flag inappropriate access and verify appropriate access. Challenges with this approach include the possibility that recertification may only be carried out sporadically and that some managers may not understand the importance of access recertification and rubberstamp their verifications.

In large organizations, access governance software can be used to automate the recertification process and ensure that audits occur on a regular basis. Once the information has been extracted and normalized, the software uses a message template to issue recertification requests. If the recipient of the recertification request fails to respond within a specified time period, the software suspends the recipient’s access rights and notifies the recipient’s manager. Challenges with this approach include the cost of the software as well as the time, effort and technical knowledge it requires to ensure the software’s interoperability with legacy systems.

This was last updated in October 2016

Continue Reading About access recertification

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

SearchCompliance

SearchSecurity

  • copyright

    Copyright is a legal term describing ownership of control of the rights to the use and distribution of certain works of creative ...

  • keylogger (keystroke logger or system monitor)

    A keylogger, sometimes called a keystroke logger or system monitor, is a type of surveillance technology used to monitor and ...

  • password

    A password is an unspaced sequence of characters used to determine that a computer user requesting access to a computer system is...

SearchHealthIT

SearchDisasterRecovery

  • business continuity plan (BCP)

    A business continuity plan (BCP) is a document that consists of the critical information an organization needs to continue ...

  • call tree

    A call tree -- sometimes referred to as a phone tree -- is a telecommunications chain for notifying specific individuals of an ...

  • mass notification system (MNS)

    A mass notification system is a platform that sends one-way messages to inform employees and the public of an emergency.

SearchStorage

  • CompactFlash card (CF card)

    A CompactFlash card (CF card) is a memory card format developed by SanDisk in 1994 that uses flash memory technology to store ...

  • email archiving

    Email archiving (also spelled e-mail archiving) is a systematic approach to saving and protecting the data contained in email ...

  • RAID (redundant array of independent disks)

    RAID (redundant array of independent disks) is a way of storing the same data in different places on multiple hard disks to ...

SearchSolidStateStorage

  • M.2 SSD

    An M.2 SSD is a solid-state drive (SSD) that conforms to a computer industry specification written for internally mounted storage...

  • NVMe (non-volatile memory express)

    NVMe (non-volatile memory express) is a host controller interface and storage protocol to enable a solid-state drive to use the ...

  • SSD RAID (solid-state drive RAID)

    SSD RAID (solid-state drive RAID) is a methodology commonly used to protect data by distributing redundant data blocks across ...

SearchCloudStorage

  • RESTful API

    A RESTful application program interface breaks down a transaction to create a series of small modules, each of which addresses an...

  • cloud storage infrastructure

    Cloud storage infrastructure is the hardware and software framework that supports the computing requirements of a private or ...

  • Zadara VPSA and ZIOS

    Zadara Storage provides block, file or object storage with varying levels of compute and capacity through its ZIOS and VPSA ...

Close