List of Controls

Domain
Question
Language:
Domain Question Language
Access Management How often are logical access been reviewed? English
Access Management What is the process to disable user accounts upon resignation? English
Access Management Are logical accesses logged? English
Access Management How long do you retain logical access logs? English
Access Management Upon termination how in how much time do you deactivate/delete accounts? English
Access Management Are remote access permited to scoped data? English
Access Management Is multi factor authentication required for remote connection access? English
Access Management How are physical accesses controlled? English
Access Management How often do you review physical accesses to ensure non-needed accesses have been removed? English
Access Management How long do you retain your physical access logs? English
Access Management Do you have anti-pass back mechanisms? English
Access Management Upon termination how in how much time do you deactivate/delete accounts? English
Access Management How many failed attempts do you allow before blocking an account? English
Access Management How many password are remembered to avoid password reuse? (Password History) English
Access Management How often do account password expire? English
Access Management Is visitor access allow? English
Access Management Are visitor's access logged? English
Access Management Are visitors escorted at all time? English
Access Management What is the password policy (password length, remembered passwords, account luck out failed attempts, password expiration, password complexity)? English
Access Management How are temporal password configured (expiration time)? English