| Access Management |
How often are logical access been reviewed? |
English |
| Access Management |
What is the process to disable user accounts upon resignation? |
English |
| Access Management |
Are logical accesses logged? |
English |
| Access Management |
How long do you retain logical access logs? |
English |
| Access Management |
Upon termination how in how much time do you deactivate/delete accounts? |
English |
| Access Management |
Are remote access permited to scoped data? |
English |
| Access Management |
Is multi factor authentication required for remote connection access? |
English |
| Access Management |
How are physical accesses controlled? |
English |
| Access Management |
How often do you review physical accesses to ensure non-needed accesses have been removed? |
English |
| Access Management |
How long do you retain your physical access logs? |
English |
| Access Management |
Do you have anti-pass back mechanisms? |
English |
| Access Management |
Upon termination how in how much time do you deactivate/delete accounts? |
English |
| Access Management |
How many failed attempts do you allow before blocking an account? |
English |
| Access Management |
How many password are remembered to avoid password reuse? (Password History) |
English |
| Access Management |
How often do account password expire? |
English |
| Access Management |
Is visitor access allow? |
English |
| Access Management |
Are visitor's access logged? |
English |
| Access Management |
Are visitors escorted at all time? |
English |
| Access Management |
What is the password policy (password length, remembered passwords, account luck out failed attempts, password expiration, password complexity)? |
English |
| Access Management |
How are temporal password configured (expiration time)? |
English |