II.
LibraryProcess overview
Reference · livelib-process:security-compliance--iam-access-control
iam-access-control overview
Access Control and IAM Review - Comprehensive identity and access management security assessment covering RBAC/ABAC implementation, least privilege enforcement, access reviews and certification, privileged account management, MFA enforcement, identity lifecycle management, access governance, segregation of duties, and compliance validation against SOC2, PCI-DSS, HIPAA, and ISO27001 standards.
Attributes
displayName
iam-access-control
description
Access Control and IAM Review - Comprehensive identity and access management security assessment covering
RBAC/ABAC implementation, least privilege enforcement, access reviews and certification, privileged account management,
MFA enforcement, identity lifecycle management, access governance, segregation of duties, and compliance validation
against SOC2, PCI-DSS, HIPAA, and ISO27001 standards.
libraryPath
library/specializations/security-compliance/iam-access-control.js
specialization
security-compliance
references
- - NIST SP 800-63: Digital Identity Guidelines: https://pages.nist.gov/800-63-3/ - CIS Controls v8: Identity and Access Management: https://www.cisecurity.org/controls/ - OWASP Access Control Cheat Sheet: https://cheatsheetseries.owasp.org/cheatsheets/Access_Control_Cheat_Sheet.html - AWS IAM Best Practices: https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html - Azure AD Security Best Practices: https://docs.microsoft.com/azure/active-directory/fundamentals/security-operations-introduction - NIST SP 800-53: Access Control Family: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r5.pdf - PCI-DSS Requirement 7 & 8: https://www.pcisecuritystandards.org/ - Zero Trust Architecture (NIST SP 800-207): https://csrc.nist.gov/publications/detail/sp/800-207/final
example
const result = await orchestrate('specializations/security-compliance/iam-access-control', {
projectName: 'Enterprise SaaS Platform',
environment: 'production',
iamPlatform: 'aws-iam', // 'aws-iam', 'azure-ad', 'okta', 'auth0', 'google-workspace', 'on-premise-ad'
accessControlModel: 'rbac', // 'rbac', 'abac', 'hybrid'
userCount: 500,
privilegedAccountsCount: 25,
complianceFrameworks: ['SOC2', 'PCI-DSS', 'ISO27001', 'HIPAA'],
enableMFA: true,
enableAccessReviews: true,
accessReviewFrequency: 'quarterly',
enablePrivilegedAccessManagement: true,
enableJustInTimeAccess: true,
sessionTimeout: 30,
passwordPolicy: 'strong'
});
Outgoing edges
lib_applies_to_domain1
- domain:security·DomainSecurity
lib_belongs_to_specialization1
- specialization:security-compliance·Specialization
lib_implements_workflow2
- workflow:vulnerability-management·Workflow
- workflow:access-review·WorkflowAccess Review
Incoming edges
None.