Browse Definitions :
Definition

access recertification

Access recertification is an IT control that involves auditing user access privileges to determine if they are correct and adhere to the organization’s internal policies and compliance regulations. Access recertification is typically the responsibility of the organization’s Chief Information Security Officer (CISO) or Chief Compliance Officer (CCO) and may also be known as access attestation or entitlements review.

Access recertification can be carried out manually or programmatically. The first step in a manual recertification process is to extract and collate account information from the organization’s IT and business systems and distribute it in a format that will allow each manager to easily see what privileges each of his or her employees has been granted. Managers are then given a deadline for reviewing the information to flag inappropriate access and verify appropriate access. Challenges with this approach include the possibility that recertification may only be carried out sporadically and that some managers may not understand the importance of access recertification and rubberstamp their verifications.

In large organizations, access governance software can be used to automate the recertification process and ensure that audits occur on a regular basis. Once the information has been extracted and normalized, the software uses a message template to issue recertification requests. If the recipient of the recertification request fails to respond within a specified time period, the software suspends the recipient’s access rights and notifies the recipient’s manager. Challenges with this approach include the cost of the software as well as the time, effort and technical knowledge it requires to ensure the software’s interoperability with legacy systems.

This was last updated in October 2016

Continue Reading About access recertification

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCompliance

SearchSecurity

  • computer worm

    A computer worm is a type of malicious software program whose primary function is to infect other computers while remaining ...

  • Single Sign-On (SSO)

    Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials (e.g., ...

  • Certified Information Systems Auditor (CISA)

    Certified Information Systems Auditor (CISA) is a certification issued by ISACA to people in charge of ensuring that an ...

SearchHealthIT

SearchDisasterRecovery

  • business continuity plan (BCP)

    A business continuity plan (BCP) is a document that consists of the critical information an organization needs to continue ...

  • disaster recovery team

    A disaster recovery team is a group of individuals focused on planning, implementing, maintaining, auditing and testing an ...

  • cloud insurance

    Cloud insurance is any type of financial or data protection obtained by a cloud service provider. 

SearchStorage

Close