Cloud Least Privilege Access Assessment Form
Evaluate your cloud environment’s adherence to least-privilege principles with this security checklist.
What is the scope of the cloud environment being assessed?
*
Please Select
Single Application
Multiple Applications
Entire Business Unit
Full Organization
Other
How are identities managed within your cloud environment?
*
Manual provisioning and deprovisioning
Automated via identity provider (IdP)
Hybrid (manual and automated)
Unknown
What is the frequency of access reviews for privileged accounts?
*
Monthly
Quarterly
Annually
Never
To what extent are roles used instead of direct privilege assignment?
*
Never
1
2
3
4
Always
5
1 is Never, 5 is Always
Are default cloud service roles and permissions reviewed and adjusted?
*
All reviewed and adjusted as needed
Some reviewed and adjusted
Not reviewed
Not applicable
How is privilege escalation risk monitored in your cloud environment?
*
Automated monitoring and alerting
Manual monitoring
No monitoring
Unknown
How frequently are exceptions to least-privilege policies granted?
*
Never
Rarely (less than once a year)
Occasionally (a few times a year)
Frequently (monthly or more)
Rate the effectiveness of logging and monitoring for privileged actions.
*
1
2
3
4
5
How quickly are excessive or unused privileges remediated?
*
Immediately (within 24 hours)
Within a week
Within a month
Longer than a month
Assessment Summary Table
*
Rows
Current State
Target State
Role-based Access Control
1
2
Access Review Cadence
3
4
Privilege Assignment
5
6
Logging and Monitoring
7
8
Submit Assessment
Should be Empty: