How to resolve Sprinto check for critical systems access review

About

Check: Periodic Review of Access to Critical Systems Completion

The above Sprinto check serves as a reminder to perform the users access review for the critical system. The review is a periodic process and need to be repeated every twelve months. The review by default needs to be performed by the assigned InfoSec officer. However if you have assigned critical system owner, either the owner or InfoSec officer can perform the review.

Purpose

The need for performing access review periodically is to ensure that the organization's critical resources are accessed only by authorized staff members. Access validity for a critical system can be configured through various means, including:

Note: By default, the check’s frequency is set as 12 months. You can update the frequency per your need, if required.

Accessible by all staff members
Role-based access
Ticket-based access

How to Resolve

To resolve this check, review the staff members access to the critical systems. Ensure only the valid staff members accesses the critical systems in accordance with the configured access control settings for each system.

For detailed instructions, please refer to perform critical system access review for detailed instructions.

PreviousHow To Resolve Sprinto Check For Configuring User Login Protection Methods On Critical Access System NextHow to resolve Sprinto check for disabling inactive AWS users credentials