this post was submitted on 27 Dec 2024
1 points (100.0% liked)

cybersecurity

10 readers
1 users here now

This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.

founded 1 year ago
MODERATORS
 
The original post: /r/cybersecurity by /u/desiboyy on 2024-12-27 05:14:59.

I’m an IT Auditor currently working on an Access Management audit for one of the modules in eGRC Archer. I asked the auditees to share a system-generated user list to check provisioning/de-provisioning. They informed me that Archer doesn’t have a direct feature to generate this list and that the group they are using to manage users for this module is not linked to Active Directory, even though users are using enterprise IDs and other firm configurations like SSO are set up. Since this group is not linked to AD, I can’t obtain the list from other sources within the firm. Has anyone encountered a similar situation before, and is there a legitimate reason for not linking the group to Active Directory?

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here