nerdexam
(ISC)2

CISSP · Question #1244

If an employee transfers from one role to another, which of the following actions should this trigger within the identity and access management (IAM) lifecycle?

The correct answer is B. User access review and adjustment. User access review and adjustment is the action that should be triggered within the identity and access management (IAM) lifecycle when an employee transfers from one role to another. IAM is the process of identifying, authenticating, authorizing, and managing the users and their

Submitted by akirajp· Mar 5, 2026Identity and Access Management

Question

If an employee transfers from one role to another, which of the following actions should this trigger within the identity and access management (IAM) lifecycle?

Options

  • ANew account creation
  • BUser access review and adjustment
  • CDeprovisioning
  • DSystem account access review and adjustment

How the community answered

(49 responses)
  • A
    2% (1)
  • B
    92% (45)
  • C
    4% (2)
  • D
    2% (1)

Explanation

User access review and adjustment is the action that should be triggered within the identity and access management (IAM) lifecycle when an employee transfers from one role to another. IAM is the process of identifying, authenticating, authorizing, and managing the users and their access rights to the organization's resources and systems. The IAM lifecycle consists of four phases: provisioning, maintenance, review, and deprovisioning. When an employee transfers from one role to another, their access rights may need to be changed or updated to reflect their new responsibilities and duties. This requires a user access review and adjustment, which is part of the maintenance phase of the IAM lifecycle. User access review and adjustment involves verifying and validating the user's identity and current access rights, and modifying or revoking the access rights as needed, based on the principle of least privilege and the organization's policies and standards.

Topics

#IAM lifecycle#access management#role-based access control (RBAC)#user access review

Community Discussion

No community discussion yet for this question.

Full CISSP Practice