Accounts without Admin privileges
Description
The percentage of user accounts configured without administrative rights. Limiting administrative rights reduces the attack surface, limits the potential impact of compromised credentials, and aligns with least-privilege security principles to protect organizational systems and data.
| Attribute | Value |
| --- | --- |
| Metric id | im_privileges |
| Category | Identity Management |
| SLO | 90.00% - 95.00% |
| Weight | 0.5 |
| Type | |
References
| Framework | Ref | Domain | Control |
| --- | --- | --- | --- |
| CIS 8.1 | 5.4 | Account Management | Restrict Administrator Privileges to Dedicated Administrator Accounts |
| ISO 27001:2022 | A.8.2 | 8 Technological controls | Privileged access rights |
| NIST CSF v2.0 | PR.AA-05 | Identity Management, Authentication, and Access Control (PR.AA) | PR.AA-05: Access permissions, entitlements, and authorizations are defined in a policy, managed, enforced, and reviewed, and incorporate the principles of least privilege and separation of duties |