As a consultant with the Security Consulting Company, you have been hired to develop a user access request process for a client organization that does not have a process today. You have been asked to develop:
- A user access request form
- A procedure for routing the request to appropriate approvers
- A procedure for user account administrators to follow when they receive an approved access request
- A method for saving requests, approvals, and provisioning records Describe scenarios that would require “exception processing” in this process.
Describe how a larger organization might need to modify this process. Discuss how auditors would audit this process.