Certified Information Security Manager (CISM) — Question 657
An organization's HR department requires that employee account privileges be removed from all corporate IT systems within three days of termination to comply with a government regulation. However, the systems all have different user directories, and it currently takes up to four weeks to remove the privileges. Which of the following would BEST enable regulatory compliance?
Answer options
- A. Identity and access management (IAM) system
- B. Privileged access management (PAM) system
- C. Multi-factor authentication (MFA) system
- D. Governance, risk, and compliance (GRC) system
Correct answer: A
Explanation
An identity and access management (IAM) system is designed to manage user identities and their access privileges across multiple systems, which would streamline the removal of access when an employee is terminated. The other options (PAM, MFA, and GRC) focus on different aspects of security and compliance and do not specifically address the need for efficient user privilege management across multiple directories.