Filter:
RISK-002 Operational
Critical
Privilege Accumulation (Privilege Creep)

Users accumulate access privileges over time without proper review.

Inherent 15
Residual 15
Open 2
RISK-003 Operational
Critical
Data Exfiltration by Former Employees

Risk of former employees accessing systems after termination.

Inherent 15
Residual 15
Open None 2
RISK-009 Operational
Critical
Accountability Failure (Accountability)

Absence of a clear audit trail makes it difficult to hold administrative actions accountable to the ...

Inherent 15
Residual 15
Open 3
RISK-010 Operational
Critical
Conflicts of Interest due to Privileged Access

Unsegregated privileged access can enable conflicts of interest and fraud.

Inherent 15
Residual 15
Open 3
RISK-011 Strategic
High
Weaknesses in federation and third-party access due to inadequate MFA

Federated administrative accounts (partners, providers) or external users with elevated roles may au...

Inherent 12
Residual 12
Open 1