Certified Information Systems Security Professional (CISSP) — Question 187
An organization wants to ensure that employees that move to a different department within the organization do not retain access privileges from their former department. To this end, the organization has implemented role-based access control (RBAC). Which additional measure is MOST important to successfully limit excess access privileges?
Answer options
- A. Business role review
- B. Line manager review of assigned roles
- C. Segregation of duties (SoD) review
- D. Access control matrix
Correct answer: B
Explanation
The line manager review of assigned roles is essential as it ensures that direct supervisors regularly evaluate and adjust the access rights of their team members according to their current roles. This proactive approach helps to eliminate outdated permissions that previous roles may have granted. While the other options provide valuable oversight, they do not directly involve the immediate authority responsible for managing employee roles and access.