Offboarding task checklists are completed and system access is revoked for employees as a component of the employee termination process.
The purpose of this control is to ensure there is a process in place to remove access to user accounts that is no longer necessary. This control helps ensure that only authorized and active accounts can be accessed and used to prevent any unauthorized use or access of GitLab customer, GitLab teammember, and partner data.
This control applies to any system or service where user accounts can be provisioned.
IT Ops (50%)
System Owners (50%)
Non-public information relating to this security control as well as links to the work associated with various phases of project work can be found in the Logical Access De-Provisioning control issue.