An audit report notes that terminated employees have been retaining their access rights after their departure. Which of the following strategies would BEST ensure that obsolete access rights are identified in a timely manner?
A. Delete user IDs at a predetermined date after their creation.
B. Automatically delete user IDs after they are unused for a predetermined time.
C. Implement an automated interface with the organization’s human resources system.
D. Require local supervisors to initiate connection.
A. Delete user IDs at a predetermined date after their creation.
B. Automatically delete user IDs after they are unused for a predetermined time.
C. Implement an automated interface with the organization’s human resources system.
D. Require local supervisors to initiate connection.