module 04
paupol2004
AuditChecklist.docxPeriodic Employee / VPN access audit
|
Auditor Information |
|
|
Date Audit Completed: |
November 1, 2017 |
|
Audit Conducted By: |
|
|
Detail any exceptions found, and remediation processes |
|
|
|
|
Control Monitoring |
|
|
CC5.5-4 |
Periodically, the IT Security Analyst compares the current employee listing from the payroll system to active employees in the XYZ Technology Active Directory system to ensure that any existing employees have system access disabled within 24 hours of termination. |
|
CC5.6-6 |
Periodically, the IT Security Analyst compares the current employee listing from the payroll to employees with VPN access. |
|
Number of Enabled Active Directory Accounts: |
|
|
Number of Active Employees Based on Employee Census Report: |
|
|
Difference of Enabled Accounts from Employee Census: |
|
|
In the space below, detail what is known by the data why these two numbers do not match, and include details of the Employee Names or Active Directory Account Names: |
|
|
|
