How would you approach a master access management audit to check all groups/users in AD and map them to what resources they can access - and determine whether that agrees with "principles of least privelege". It needs to cover provisioning to deprovising
processes to maintenance and monitoring of this process. So set up of new users, retirement of old users, modifacation of groups/user group membership etc etc.
I could do with some sort of documented audit program or checklist of access management as a topic to give me something to start on.
I could do with some sort of documented audit program or checklist of access management as a topic to give me something to start on.
