Identity - Inactive Identities
Description
Dormant Identities tracks the number of unused or inactive accounts within
the organization. Dormant accounts are prime targets for unauthorized access
and exploitation, so identifying and deactivating them promptly is essential
for reducing the attack surface and maintaining robust access controls.
| Attribute | Value |
| --- | --- |
| Metric id | im_dormant |
| Category | Identity Management |
| SLO | 98.00% - 99.00% |
| Weight | 0.8 |
| Type | |
References
| Framework | Ref | Domain | Control |
| --- | --- | --- | --- |
| ISO 27001:2022 | A.5.16 | 5 Organizational controls | Identity management |
| CIS 8.1 | 5.3 | Account Management | Disable Dormant Accounts |
| NIST CSF v2.0 | PR.AA-01 | Identity Management, Authentication, and Access Control (PR.AA) | PR.AA-01: Identities and credentials for authorized users, services, and hardware are managed by the organization |
Code
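    -- One row per ACTIVE Okta user, scored 1 (compliant) or 0 (dormant).
    select
        profile.login as resource,
        'user' as resource_type,
        last_login as detail,
        case
            -- Compliant only when the last login is less than 90 days old.
            when datediff('day', cast(last_login as date), current_date()) < 90 then 1
            -- Also reached when last_login is NULL (the user has never logged in).
            else 0
        end as compliance
    from
        {{ ref('okta_users') }}
    where
        -- Only accounts that can still sign in are measured.
        status = 'ACTIVE'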
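The following is an added example, not part of the original page or the project's code: it mirrors the query's scoring in Python over constructed user rows to show the edge cases (a NULL `last_login`, a login exactly 90 days old, a non-ACTIVE account). The sample users, the evaluation date, and the reading of the SLO as "percentage of compliant rows compared with the lower bound" are assumptions.

```python
from datetime import date, datetime

THRESHOLD_DAYS = 90    # window used by the query on this page
SLO_LOWER = 98.00      # lower bound of the SLO row in the attribute table

# Constructed sample rows standing in for okta_users (not real data).
SAMPLE_USERS = [
    {"login": "alice@example.com", "status": "ACTIVE", "last_login": datetime(2024, 5, 20, 9, 30)},
    {"login": "bob@example.com", "status": "ACTIVE", "last_login": datetime(2024, 3, 3, 23, 59)},
    {"login": "carol@example.com", "status": "ACTIVE", "last_login": None},
    {"login": "dave@example.com", "status": "SUSPENDED", "last_login": datetime(2023, 1, 1, 8, 0)},
    {"login": "erin@example.com", "status": "ACTIVE", "last_login": datetime(2024, 3, 4, 0, 1)},
]

def compliance(last_login, today):
    """Mirror the CASE expression: 1 only when the last login is under 90 days old."""
    if last_login is None:
        # SQL: datediff over NULL is NULL, the WHEN is not true, so ELSE 0 applies.
        return 0
    days = (today - last_login.date()).days  # cast to date, then whole-day difference
    return 1 if days < THRESHOLD_DAYS else 0

def evaluate(users, today):
    """Return the per-user rows the query would emit and the compliant share in percent."""
    rows = [
        {"resource": u["login"], "resource_type": "user",
         "detail": u["last_login"], "compliance": compliance(u["last_login"], today)}
        for u in users
        if u["status"] == "ACTIVE"  # same filter as the WHERE clause
    ]
    # Assumption: the metric score is the share of rows with compliance = 1.
    score = 100.0 * sum(r["compliance"] for r in rows) / len(rows) if rows else None
    return rows, score

def dormant(rows):
    """Accounts to review for deactivation: every row scored 0."""
    return [r["resource"] for r in rows if r["compliance"] == 0]

if __name__ == "__main__":
    rows, score = evaluate(SAMPLE_USERS, date(2024, 6, 1))
    print(f"score={score:.2f}% meets_slo={score >= SLO_LOWER}")
    for login in dormant(rows):
        print("dormant:", login)
```

The account that logged in exactly 90 days before the evaluation date is scored dormant because the comparison is strict, and the suspended account never enters the denominator.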