No | Controls Tested - 90-DAY Active Directory: Audit / Assurance Objective
1 | Active Directory (AD) accounts no longer requiring access are disabled on a timely basis.
2 | User accounts with over 90 days of inactivity are revoked/disabled.
3 | The access rights of all employees, contractors and third-party users of information and information processing facilities should be removed upon termination of their employment, contract, or agreement, or adjusted upon change.
DS5.4
9.2.6
7.3.1
9.2.6
IT SECURITY AUDIT
SECURITY CONTINUAL AUDITING 2021-22 QUARTER 1
USER AUDIT SUMMARY OF CONTROLS
AUDIT PERIOD: APRIL 1, 2021 THROUGH JUNE 31, 2021
SYSTEM REVIEWED: ACTIVE DIRECTORY (AD)
No | Test Description | Results | Exceptions Noted? (Yes/No)
User IDs are revoked/disabled after a defined number (90) of days of inactivity
Controls Tested: User Account Administration Policy
a) User accounts that should no longer be on the system have been disabled.
b) User accounts with over 90 days of inactivity are revoked/disabled.
Active Directory / Network users
User accounts that should no longer be on the system have been disabled.
Test Description:
a) Verify whether User accounts for Systems in scope were disabled within one day or sooner of the employees' separation / suspension dates.
Obtain a listing of all employees including separated/suspended employees from the HR department for the period within review. Using ACL or MS Excel and the extract of Users' details file (for the Network and Systems in scope), compare the names from the separated / suspended employees listing to the names of the Users from the extract.
Check whether any employee remained as an active User on the identified systems in scope.
Results:
a) The following is noted after analysing the Staff listing received from HR for up to the 30-June-2021:
1) There were 651 members of staff (507 permanent and 139 temporary) on record. Ref Exhibit I
2) During the review period up to the 30-June-2021 there were 236 acting appointments. Ref Exhibit I
3) There were 48 separations on record for the audit period under review which occurred during the reviewed period. Ref Exhibit I
4) 451 Enabled User accounts were inspected.
A list of 48 names was checked against the 451 enabled AD user accounts to check whether any separated employee AD account remained active, Ref Tab D90DYADX5, and the following noted:
5) Thirty Nine (39) user accounts associated with separated staff were found to be enabled: See Tab D90DYADX6
Exceptions Noted: YES
Logic
The list was further refined by splitting the remaining names into three categories:
1. a list of inactive users to be compared with the employees list from HR
2. a list of inactive users to be justified by IT Infrastructure (testing, vendor, etc.)
3. both inactive lists were compared to the results of the previous audit
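The comparison described above, as an added example that is not part of the original workpaper: it matches a separated-staff list against an AD extract, decodes UserAccountControl and applies the 90-day inactivity rule. The sample rows, the names in them and the function names are constructed; the column names and date format follow the tables on this page.

```python
import csv, io
from datetime import datetime, timedelta

# userAccountControl bits relevant to this review (Microsoft-documented values).
UAC_FLAGS = {0x0002: "ACCOUNTDISABLE", 0x0200: "NORMAL_ACCOUNT",
             0x10000: "DONT_EXPIRE_PASSWORD", 0x400000: "DONT_REQ_PREAUTH"}
CUTOFF = datetime(2021, 6, 30)          # end of the review period on this page
MAX_IDLE = timedelta(days=90)

# Constructed sample data: hypothetical names, not taken from the workpaper.
AD_EXTRACT = """Name,SamAccountName,lastLogondate,UserAccountControl
Ann Example,aexample,6/21/2021 9:05,512
bob  sample,bsample,11/13/2020 10:37,66048
Cara Test,ctest,,4194816
Dev Gone,dgone,6/1/2021 8:00,514
Eve Leaver,eleaver,6/28/2021 16:40,512
"""
HR_SEPARATED = ["Bob Sample", "Dev Gone", "EVE LEAVER"]

def decode_uac(value):
    """Return the names of the known flags set in a userAccountControl value."""
    return [name for bit, name in UAC_FLAGS.items() if value & bit]

def norm(name):
    """Case- and whitespace-insensitive key for name-to-name comparison."""
    return " ".join(name.split()).casefold()

def review(ad_csv, separated, cutoff=CUTOFF):
    """Map SamAccountName -> reasons an enabled account needs follow-up."""
    separated_keys = {norm(n) for n in separated}
    findings = {}
    for row in csv.DictReader(io.StringIO(ad_csv)):
        flags = decode_uac(int(row["UserAccountControl"]))
        if "ACCOUNTDISABLE" in flags:
            continue                      # already disabled: nothing to report
        reasons = []
        if norm(row["Name"]) in separated_keys:
            reasons.append("separated staff, account enabled")
        last = row["lastLogondate"].strip()
        if not last:
            reasons.append("no logon recorded")
        elif cutoff - datetime.strptime(last, "%m/%d/%Y %H:%M") > MAX_IDLE:
            reasons.append("inactive > 90 days")
        reasons += [f for f in flags if f.startswith("DONT_")]
        if reasons:
            findings[row["SamAccountName"]] = reasons
    return findings

if __name__ == "__main__":
    for sam, reasons in review(AD_EXTRACT, HR_SEPARATED).items():
        print(f"{sam}: {', '.join(reasons)}")
```

lastLogonDate is derived from lastLogonTimestamp, which replicates between domain controllers with a lag of up to about 14 days by default, so accounts close to the 90-day line deserve a second look before being reported.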
TABLE SHOWING: Three (3) accounts that were found to be enabled yet listed as disabled in previous audits
Name | SamAccountName | lastLogondate | UserAccountControl | Vloop_previous audit Disabled
co operator | cooperator | | 512 | cooperator
Fred Doe | fdoe | 11/13/2020 10:37 | 66048 | fdoe
intranet notify | intranetnotify | | 512 | intranetnotify
description
To check Batch jobs that spans between operators shift
Created to complete test runs
User accounts that were flagged & unaccounted for in the previous AD audit remain active & unaccounted
Name | SamAccountName | lastLogondate | UserAccountControl | vloopup-ip | Vlookup-system names | Vloop_previous audit Disabled | Flagged but unaccounted accounts
Supervisor Shops of Arima | supvsoa | | 66048 | #N/A | #N/A | #N/A | supvsoa
NIB Online | webuser | | 66048 | #N/A | #N/A | #N/A | webuser
description
IP Telephony Office Account
User names were not found in separated list but were inactive for the last 90 days
Name SamAccountName UserAccountControl
Marvin Williams mwilliams (Normal Account) 512
Teashea Carter tcarter 512
Roger Walker rwalker 512
Marlon Pantin mpantin 512
Stacy Lawrence stlawrence (DONT_REQ_PREAUTH)41
Nanda Bowlah nbowlah 512
Roseanne Gervais-Romero rgromero 512
tecla abel tabel 512
Carol Sabazan csabazan 512
Patricia Dookeram pdookeram 512
Patricia Charles pcharles 512
gita bedhesie gbedhesie 512
Sandra Wylle swylle 512
Wendy Ann Douglas wdouglas 512
Steven Phillip sphillip 512
Claudette Gunn-Jacob cgjacob 4194816
sandra watson swatson 512
Peaches Best pbest 512
Kamilah Hosein khosein 512
Ryan Clarke rclarke 512
Kern Daniel kdaniel 512
Kanika Paul-Payne kpayne 512
Candice Smith-Felix csfelix 512
Adelle Prime aprime 512
Akilah Grant akgrant 512
Kim Stuart kstuart 512
Rayann Williams-Gulston rgulston 512
Darron Lafleur dlafleur 512
Kelise Ali-Bobb kalibobb 512
Kevin Harper kharper 512
Kern Forde keforde 512
Arlicia Alexis aalexis 512
Justin Motilal jmotilal 512
Lyam Mapp lmapp 512
Aleisha Daniel adaniel 512
Dylan Simon dsimon 512
Jacqueline Quamina jquamina 512
Shanice Chan schan 512
David Quamna dquamna 512
Andel Clarke aclarke 512
Bree Robinson brobinson 512
Diandra Boodram dboodram 512
Josiah Spencer jspencer 512
Kurt Davidson kdavidson 512
Shameica Marcelle smarcelle 512
Ishan Gosine igosine 512
Ray-Ann Daniel radaniel 512
McKenna Bradshaw mbradshaw 512
Jabari George jageorge 512
J'Deem Parris jparris 512
Alejandro Andalcio aandalcio 512
Shania Lashley slashley 512
Lekysha Andrews landrews 512
Christelena Dookeram cdookeram 512
Terell Birot tbirot 512
Raeann John rjohn 512
Emiley Kimberley Dookran ekdookran 512
Micah Gibson mgibson 512
Chelsea Joyeau cjoyeau 512
Aaliyah Thomas aathomas 512
Mikael Seales mseales 512
Danae Smyke dsmyke 512
Jared Pierre jpierre 512
Sasha Subhag ssubhag 512
Makeda Halls mhalls 512
Joshua Mendoza jomendoza 512
Joshua Cambridge jcambridge 512
Angela Goolcharan agoolcharan 512
Kerise Joefield kjoefield 512
Samantha Scott sscott 512
Sasha Lee salee 512
Shannon Salick ssalick 512
Nicole Roberts nroberts 512
Rondell Greaves rgreaves 512
Kristi Khan kkhan 512
Kelise Ali-Bobb kabobb 512
Samuel Burton sburton 512
Brandon Persad bpersad 512
Demique Williams dwilliams 512
Rima Hosein rihosein 512
Nyla Benny nbenny 512
Nibell Lemessee nlemessee 512
Christian Chee Foon ccheefoon 512
Stephanie Ramlochan sramlochan 512
Iziah King iking 512
Charstal Gopaul cgopaul 512
Lee Ann Danclair ldanclair 512
Simone Mohammed simohammed 512
James Wiltshire jwiltshire 512
Justin Athanase jathanase 512
Davina Norgriff dnorgriff 512
Kyle Seales kseales 512
Jean-marc Granderson jgranderson 512
Tre Grant tgrant 512
Jaycelle Greene jgreene 512
Candice M. Attong cmattong 512
Nifa Khan-persad nkhanpersad 512
Fred Doe fdoe (Password don’t expire)6
Krystal Trotman ktrotman 512
Lookup result for each of the 99 accounts listed above: #N/A
Unverified Generic accounts (not previously identified by IT Infrastructure)
Name SamAccountName lastLogondate
Unity Dir Unitydir 2/19/2021 17:02
Lyam Mapp lmapp 8/15/2019 15:22
HR Plus hrplus 5/19/2020 14:49
Manager IT Infrastructure mitinfrastructure
Operations Accountant Accounts OAAccounts
Senior Supervisor 2 Accounts ss2Accounts
Senior Supervisor Accounts SSAccounts
Systems Administrator Accounts saaccounts
Manager IT Development mitdevelopment
Manager Database mdatabase
Executive Manager Finance and Accounting EMFinance
Asst Systems Administrator Accounts asaaccounts
Senior Accounting Analyst Accounts saaaccounts
Manager Budget and Controls mbudget
Business Analyst II Budget and Controls babudget
Supervisor Stores Budget and Controls ssbudget
Manager Cheque Centre mcheque
Corporate Secretary Corporate Secretariat cscorpsec
Assistant Corp Secretary Corporate Secretariat acscorpsec
Chief Operating Officer Business Services coobs
Administrative Assistant Business Services aabs
Chief Operating Officer Corporate Services coocs
Administrative Assistant Corporate Services aacs
Executive Director Executive Director eded
Executive Assistant Executive Director eaed
Building Superintendent Facilities bsfacilities
Executive Manager Investments EMInvetsments
Manager FI Investments mfiinvestment
Manager EQU Investments mequinvestments
Senior Invest Analyst 1 Investments siainvestments1
Senior Invest Analyst 2 Investments siainvestments2
Investment Analyst 1 Investments iainvestments1
Investment Analyst 2 Investments iainvestments2
Investment Analyst 3 Investments iainvestments3
Investment Analyst 4 Investments iainvestments4
Real Estate Officer Investments reoinvestments
Manager Procurement MProcurement
Analyst Procurement AProcurement
Analyst II Procurement aprocurement1
Contracts Administrator Procurement caprocurement
Administrative Assistant Risk aarisk
Enterprise Risk Manager Risk ermrisk
Manager Risk Compliance Risk mrcrisk
Manager Business Cont. Plan. Risk mbcprisk
Risk Analyst Risk rarisk
Analyst Operations Risk aorisk
Risk Assistant Risk rasrisk
Executive Manager Risk emrisk
Manager Actuarial Policy Plan Act mappa
Actuarial Assistant Policy Plan Act actappa
Research Asst Policy Policy Plan Act rapppa
Planning Officer Policy Plan Act poppa
Research & Dev Officer 2 Policy Plan Act r&do2ppa
Research & Dev Officer 1 Policy Plan Act rdo1ppa
Research Assistant 1 Policy Plan Act ra1ppa
Research Assistant 2 Policy Plan Act ra2ppa
Network Analyst II IT Infrastructure NAnalystITInfrastruc
Hardware Analyst II IT Infrastructure ha2itinfrastructure
Hardware Analyst I IT Infrastructure ha1itinfrastructure
Analyst II IT Development a2itdevelopment
Systems Analyst Benefits IT Development sabitdevelopment
Systems Analyst Business IT Development sabuitdevelopment
Database Analyst II Database da2database
Asst Database Admin Ops Database adaodatabase
Asst Database Admin Quality Database adaqdatabase
Stores Budget and Controls SBControls
Supervisor Benefit Payments SBPayments
Manager Appeals mappeals
Area Operations Manager Area I aomareaone
Authorised Officer 1 Arima aoonearima
Authorised Officer 2 Arima aotwoarima
Authorised Officer 1 Barataria aoonebarataria
Authorised Officer 2 Barataria aotwobarataria
Authorised Officer 3 Chaguanas aothreechag
Assistant Claims Investigation Unit Asstciu
Manager Claims Investigation Unit mgrciu
Manager Compliance Region I mgrcompregone
Manager Compliance Region II mgrcompregtwo
Manager Compliance Region III mgrcompregthree
Clerical Officer II Corporate Communications cocorpcomm
Manager Corporate Communications mcorpcomm
Authorised Officer 1 Couva aoonecouva
Authorised Officer 2 Couva aotwocouva
Manager Customer Care mgrcustcare
Operator Customer Care operatorcustcare
Administrative Assistant Human Resources aahr
Executive Manager Human Resources emhr
HRO II Benefit Admin Human Resources hroiiadminhr
Manager HR Services Human Resources mgrhrservhr
Manager Org. Development Human Resources mgrorgdevhr
Org. Development Officer Human Resources orgdevoffhr
HRO II Health and Safety Industrial Relations hroiihas
Manager Industrial Relations mgrindrel
Industrial Relations Officer Industrial Relations indreloffir
Administrative Assistant Insurance Operations adminasstio
Clerical Officer II Insurance Operations coiiio
Executive Manager Insurance Operations emio
Manager Insurance Operations mio
Manager II Benefit Admin Insurance Operations mgriiio
Supervisor Insurance Operations supio
Manager I STB Insurance Operations mgrstbio
Manager I LTB Insurance Operations mgrltbio
Manager I Admin Insurance Operations mgriadminio
Senior Supervisor Internal Audit ssupia
Internal Auditor Internal Audit iaia
Helpdesk 2 IT Helpdesk it2helpdesk
Security Analyst Ops IT Security saoitsecurity
Security Analyst Infra IT Security saiitsecurity
Web Communication Analyst IT Infrastructure wcaitinfrastructure
Administrative Assistant Legal adminasstlegal
Executive Manager Legal emlegal
Manager Legal mgrlegal
Legal Officer 1 Legal loonelegal
Legal Officer 2 Legal lotwolegal
Legal Officer 3 Legal lothreelegal
Authorised Officer 2 Luis Street aotwols
Authorised Officer 3 Luis Street aothreels
Manager Mortgages mmortgages
Senior Supervisor Mortgages ssupervisormortgages
Authorised Officer 2 Port of Spain aotwopos
Authorised Officer 3 Port of Spain aothreepos
Supervisor Payroll suppayroll
Supervisor Pension Ready suppenready
Clerical Officer II Pension Ready coiipenready
Manager II Process Maintenance mgriiprocess
Manager II Processs Maintenance mgriiprocesss
Manager R&D Policy Plan Act mrdppa
Manager Records mgrrecords
Supervisor Records suprecords
Authorised Officer 2 Recoveries aotworecoveries
Authorised Officer 2 South Regional Office aotwosro
Authorised Officer 3 South Regional Office aothreesro
Authorised Officer 1 Tobago aoonetobago
Authorised Officer 2 Tobago aotwotobago
Authorised Officer 1 Tunapuna aoonetuna
Authorised Officer 2 Tunapuna aotwotuna
Authorised Officer 3 Tunapuna aothreetuna
Administrative Assistant Executive Director aaed
Financial Accountant Accounts FAAccounts
Lobby 3rd Floor QPE looby3qpe
Hummingbird Conference Room hummingbird
Scarlet Ibis Conference Room scarletibis
Lobby 4th Floor QPE lobby4qpe
Cocorico 1 Conference Room cocoricoone
Cocorico 2 Conference Room cocoricotwo
Blue Jay Conference Room bluejay
Kiskadee Conference Room kiskadee
Parakeet Conference Room parakeet
Flamingo Conference Room flamingo
Lobby 5th Floor QPE looby5qpe
Hibiscus Conference Room hibiscus
Chaconia Conference Room chaconia
Board Room 2 Conference Room boardtwo
Authorised Officer 1 South Regional Officer aoonesro
Authorised Officer 1 Point Fortin aopf
Authorised Officer 1 Siparia aoonesip
Clerical Officer I Registry Cheque Centre COCCentre
Clerical Officer I Cheque Centre cocheque
Administrative Assistant Investments AAInvestments
Admin Asst Finance and Accounting aafinance
Helpdesk 1 IT Helpdesk ithelpdesk
training training 4/26/2020 21:11
S.R.G 1 srg1 6/27/2020 11:39
S.R.G 2 srg2 6/29/2020 5:55
QPE Collect1 qpecollect1 10/16/2020 11:41
QPE Collect2 qpecollect2 11/30/2020 11:13
test pfortin tfortin
Microsoft Corp Analyst mscsat
training3 train3
Massy Technologies massy 12/22/2020 15:25
iti test itest
Replication Test dfrs
ODB Admin Consulting odbac 1/14/2021 8:11
Remote Work remwork 1/20/2021 8:02
Replication Test rtest
soa user soauser
Ptown User puser
pfortin user pfuser
SQL PolyEngine sqlpengine
SQL PolyMovement sqlpm
PBS Technology pbstt
Unverified Generic accounts (not previously identified by IT Infrastructure): description
Unity account
#100039 access to Internet set expiry... previous 31st August
Generic User created for customers of the QPE collection centre can access the Internet
Generic User created for customers to access the internet in the QPE Collection Centre
Unity account
Created due to lock out issues with the other profile
#100238 shared folder access until 31 Dec #94142 Acting for 2 weeks
Access Area I till July 31
Unity Account
Created for Oracle Database Backup on Windows
NOTE Internet Access given as Issue with access to FTP on WinXP system.
#104618
#79437
Expiry date set Re Request #71109#69022#68157. Internet and CIU Access
INTERN
Ext #96379
Remote Access Requested SUGA+ #
#107918
#107760
#101112 #106912
INTERN
INTERN
INTERN - #99948
INTERN
INTERN
INTERN
INTERN
INTERN
INTERN
Intern
INTERN
INTERN
INTERN
#100752
INTERN
#107921
#107857
#107760
#107768
INTERN
#107050
106666
#107113
106722; extended to 2022
Generic User created for customers of the QPE collection centre can access the Internet
106683 #107811
#107869
106636 temp co I
106695 #107829
#107564 #107892
106640
#108499 #107844
106675 #107781
#108499; 106633 new employee #107028 #107844
Created to complete test runs
#107869
Generic User created for customers to access the internet in the QPE Collection Centre
#107765
106672 new employee
106722
User accounts associated with separated staff were found to be enabled
Name SamAccountName
Aalia Brooks abrooks
Adria Lawrence alawrence
Aidan Brown abrown
Ajmir Ali aali
Aleema Khan akhan
Alicia Rampersad arampersad
Anthonio-Leigh Lakatoo allakatoo
Aruna Mohammed armohammed
Ayinde Fredrick afredrick
Chelsea Farmer cfarmer
Daniella Weston dweston
Denise Nicholas dnicholas
Esther Brooks ebrooks
Ethan James ejames
Faith Samuel fsamuel
Gail Sookram gsookram
Gillian Stafford gstafford
Giselle McPherson gmcpherson
Ivy Dan-Aggan idaggan
Jammal John jjohn
Jeannel Ramsey jramsey
Jeremy Mitchell jmitchell
Jivant Peters jpeters
Josanne Liverpool jliverpool
Joshua Chaitoo jchaitoo
judith hernandez jhernandez
Julius Leacock jleacock
Justin Carrington jcarrington
Kerwin John kejohn
Kyle Clarke kclarke
Marina Moonsammy mmoonsammy
Maureen Simon msimon
Mercedes Moore mmoore
Nikita Skeete nskeete
Norman Shortte nshortte
Patricia George-Lezama pgeorgel1
Shanice Fitzallen sfitzallen
Shazard Mohammed shamohammed
Tamara Crichlow-Sandy tcsandy
UserAccountControl and Vlookup_separated for the 39 accounts listed above, in the same order: 512 and #N/A for every row except the 27th, which has 4194816 (DONT_REQ_PREAUTH) and #N/A.