Access controls are the cornerstone of IT security, but many auditors overlook the concepts behind them and jump straight into testing. In this session, we cover the access management lifecycle and consider the controls in the Federal Information System Controls Audit Manual.

This course is a part of IT Audit Bytes series. The other Segments of this series are:

1. IT Audit Bytes - Access Control
2. IT Audit Bytes - Backup and Recovery
3. IT Audit Bytes - Change Management
4. IT Audit Bytes - Cybersecurity
5. IT Audit Bytes - Data Loss Prevention
6. IT Audit Bytes - Disaster Recovery and BCP
7. IT Audit Bytes - IT Control Frameworks
8. IT Audit Bytes - Job Monitoring
9. IT Audit Bytes - Logging and SEIM
10. IT Audit Bytes - Network Security and Detection
11. IT Audit Bytes - Password Management
12. IT Audit Bytes - Physical Security
13. IT Audit Bytes - Provisioning and Deprovisioning
14. IT Audit Bytes - SDLC Controls
15. IT Audit Bytes - Security Awareness Training
16. IT Audit Bytes - Separation of Duties Controls
17. IT Audit Bytes - SOC Reports
18. IT Audit Bytes - Strategy and Governance
19. IT Audit Bytes - Third-Party IT Risk Management (TPRM)