Control: ism-0407; Revision: 4; Updated: Sep-18; Applicability: ALL; Essential Eight: N/A
A secure record is maintained for the life of each system covering:
- all personnel authorised to access the system, and their user identification
- who provided authorisation for access
- when access was granted
- the level of access that was granted
- when access, and the level of access, was last reviewed
- when the level of access was changed, and to what extent (if applicable)
- when access was withdrawn (if applicable).