Gitlab hero border pattern left svg Gitlab hero border pattern right svg

IAM.1.02 - Logical Access De-Provisioning Control Guidance

On this page

IAM.1.02 - Logical Access De-Provisioning

Control Statement

Logical access that is no longer required in the event of a termination is documented, communicated to management, and revoked.

Context

The purpose of this control is to ensure there is a process in place to remove access to user accounts that is no longer necessary. This control helps ensure that only authorized and active accounts can be accessed and used to prevent any unauthorized use or access of GitLab customer, GitLab teammember, and partner data.

Scope

This control applies to any system or service where user accounts can be provisioned.

Ownership

TBD

Implementation Guidance

For detailed implementation guidance relevant to GitLab team-members, refer to the full guidance documentation.

For all reference links relevant to this control, refer to the full guidance documentation.

Examples of evidence an auditor might request to satisfy this control

For examples of evidence an auditor might request, refer to the full guidance documentation.

Framework Mapping