A security engineer has learned that terminated employees' accounts are not being disabled. The termination dates are updated automatically in the human resources information system software by the appropriate human resources staff. Which of the following would best reduce risks to the organization?
The best way to reduce risks associated with terminated employees' accounts not being disabled is to automate the process. Integrating Active Directory with the human resources information system ensures that the accounts are promptly and consistently disabled whenever an employee's termination date is updated. This minimizes the chance of terminated employees retaining access to the organization's systems and sensitive information.
Automating the process to disable terminated employees' accounts by integrating Active Directory (or any other authentication system) with the human resources information system (HRIS) is the best approach to reduce risks to the organization. By automating this process, the organization ensures that accounts are disabled promptly and consistently whenever an employee's termination date is updated in the HRIS. This reduces the window of opportunity for terminated employees to retain access to systems and sensitive information after leaving the organization.