Question PPPR-14

Do you have process and procedure(s) documented, and currently followed, that require a review and update of the access list(s) for privileged accounts?

Standard Guidance

EDUCAUSE provides no guidance here

Answering "NO"

Describe plans to implement privileged account access list reviews to your environment.

Answering "YES"

Provide a brief summary and the implement review interval.

Reason for Question

Protecting privileged accounts is crucial to maintaining system integrity in any environment. This question is targeting privilege creep and unmanaged privileged acccounts to determine if the vendor properly manages access control in their application/system environments.

Follow-Up Inquiries

Ask the vendor to summarize their implemented policies and/or procedures.

HECVAT Pro Advice

[Add expert insights and best practices]

Implementation Tips

[Add practical steps for SME SaaS vendors]

FAQ

[Add common questions related to this HECVAT item]

Resources

[Add links to relevant articles or tools]