CC6.3SOC 2Logical access - access modification and removal
The entity authorizes, modifies, or removes access based on changes in user roles or termination.
- Trust Service Criterion
- CC
- Audit period
- type-2
- Points of focus
- Role changes trigger access review
- Departing personnel are deprovisioned promptly
- Access changes are logged