Gitlab hero border pattern left svg Gitlab hero border pattern right svg

IAM.1.01 - Logical Access Provisioning Control Guidance

On this page

IAM.1.01 - Logical Access Provisioning

Control Statement

Logical access provisioning to information systems requires approval from appropriate personnel.

Context

The purpose of this control is to ensure there is a process in place to review and authorize new user account requests. Ensuring only people who require access to a system or service receive access helps improve GitLab's overall security posture by limiting the number of accounts with access and reducing the overall likelihood of an account being compromised.

Scope

This control applies to any system or service where user accounts can be provisioned.

Ownership

TBD

Implementation Guidance

For detailed implementation guidance relevant to GitLab team-members, refer to the full guidance documentation.

For all reference links relevant to this control, refer to the full guidance documentation.

Examples of evidence an auditor might request to satisfy this control

For examples of evidence an auditor might request, refer to the full guidance documentation.

Framework Mapping