https://www.epa.gov/sites/production/files/2015-09…
https://www.epa.gov/office-inspector-general/repor…
Reference Sample Risk:
Organization/Agency Selected:
Organization/Agency Mission:
Identifier
Source
Threat ID
Risk Description
Business Impact
Recommended Corrective Action
Likelihood
Impact
Risk Level
Audit
T-1, T-8, T-23, T-24, T-36
Notification is not performed when account changes are made.
Without notification, unauthorized changes by individuals who elevate permissions and group membership can occur without detection.
Enable auditing of all activities performed under privileged accounts in GPOs, and develop a process that allows these events to be reviewed by an individual who does not have administrative privileges.
Medium
Medium
Medium