Rule: IAM Groups Should Have at Least One User
Ensure IAM groups have minimum one user to comply with cybersecurity controls.
| Rule | IAM groups should have at least one user |
| Framework | Federal Financial Institutions Examination Council (FFIEC) |
| Severity | ✔ High |
Rule/Policy Description:
IAM groups should have at least one user for Federal Financial Institutions Examination Council (FFIEC), in order to comply with regulatory requirements and ensure proper access control and monitoring for FFIEC-related activities.
Troubleshooting Steps (if applicable):
N/A
Necessary Codes (if applicable):
N/A
Step-by-Step Guide for Remediation:
- 1.Identify the IAM group(s) that need to have at least one user for FFIEC compliance.
- 2.Review the current users within the IAM group(s) to determine if there is already a user assigned for FFIEC.
- 3.If there is no user assigned for FFIEC, proceed to the next step.
- 4.Identify an appropriate user who should be assigned for FFIEC-related activities. This user should have the necessary knowledge and permissions to fulfill FFIEC requirements.
- 5.If the identified user already exists within the IAM system, skip to step 7. If not, proceed to the next step.
- 6.Create a new user with the required details (username, email address, etc.) within the IAM system. Ensure that the user has the necessary permissions and access rights to perform FFIEC-related tasks.
- 7.Assign the identified user to the IAM group(s) that require FFIEC compliance.
- 8.Verify the assignment by reviewing the IAM group(s) and confirming that the user is listed as a member.
- 9.If needed, communicate the assignment of the user to relevant stakeholders or the FFIEC compliance team.
- 10.Periodically review and update the assigned user as necessary to maintain compliance with FFIEC guidelines.
Note: The specific steps and commands required may vary depending on the IAM system being used. Please refer to the documentation of your IAM system for detailed instructions on user management and group assignments.