Pro audit program · v1.0

File Share Permissions Audit

NTFS / SharePoint / Drive permissions silently drift over years. A focused audit on excess access, group cleanliness, owners and stale data.

  • General target area
  • CIS Controls framework
  • 6 controls in this program
  • Cyentrix · Trusted Author

Controls (6)

  1. No "Everyone" or open ACLs on shared paths

    Critical

    How to test + evidence

    Testing procedure: Run a permissions scanning tool that reports paths with overly permissive ACLs; manually spot-check 10 of the reported paths.

    Evidence to collect: Scan output + ACL exports.

  2. Folder owner assigned + reviewed annually

    High

    How to test + evidence

    Testing procedure: Every top-level folder has a named owner who is accountable for access to it.

    Evidence to collect: Owner register.

  3. Permissions inherited from groups, not users

    High

    How to test + evidence

    Testing procedure: Access is granted through group membership; explicit per-user ACEs are documented exceptions, not the norm.

    Evidence to collect: Scan output.
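Added example (not part of the original program) covering the scan step of controls 1 and 3: it walks the top-level folders of a share, flags Allow ACEs granted to broad principals (Everyone, Authenticated Users, BUILTIN\Users, Anonymous) and flags explicit, non-inherited ACEs granted to user accounts rather than groups. It assumes it runs on the file server with rights to read ACLs; `$ShareRoot` and `$ReportCsv` are placeholder values, and principal type is resolved through the WinNT ADSI provider so no ActiveDirectory module is needed.

```powershell
# Added audit helper for controls 1 and 3 (not the audit program's own tooling).
param(
    [string]$ShareRoot = 'D:\Shares',           # placeholder: root of the share under audit
    [string]$ReportCsv = '.\acl-findings.csv'   # placeholder: where scan evidence is written
)

# Broad principals that should not hold access on a shared path (control 1).
$OpenPrincipals = @('Everyone', 'NT AUTHORITY\Authenticated Users',
                    'BUILTIN\Users', 'NT AUTHORITY\ANONYMOUS LOGON')

function Get-PrincipalClass {
    # Returns 'User', 'Group' or 'Unknown' for a DOMAIN\Name identity via the WinNT provider.
    # Well-known and unresolvable identities come back as 'Unknown' and are not flagged here.
    param([string]$Identity)
    if ($Identity -match '^(?<dom>[^\\]+)\\(?<name>.+)$') {
        try {
            $obj = [ADSI]"WinNT://$($Matches.dom)/$($Matches.name)"
            if ($obj.SchemaClassName) { return [string]$obj.SchemaClassName }
        } catch { }
    }
    return 'Unknown'
}

# Top-level folders plus one level below, which is where drift usually shows up.
$findings = foreach ($dir in Get-ChildItem -Path $ShareRoot -Directory -Recurse -Depth 1) {
    $acl = Get-Acl -Path $dir.FullName
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }   # Deny ACEs are not excess access
        $id = $ace.IdentityReference.Value
        $issue = $null
        if ($OpenPrincipals -contains $id) { $issue = 'OpenACL' }                       # control 1
        elseif (-not $ace.IsInherited -and (Get-PrincipalClass $id) -eq 'User') {
            $issue = 'ExplicitUserACE'                                                   # control 3
        }
        if ($issue) {
            [pscustomobject]@{
                Path      = $dir.FullName
                Identity  = $id
                Rights    = $ace.FileSystemRights.ToString()
                Inherited = $ace.IsInherited
                Issue     = $issue
            }
        }
    }
}

# The CSV is the "scan output" evidence; the summary gives the counts for the audit note.
$findings | Export-Csv -Path $ReportCsv -NoTypeInformation
$findings | Group-Object Issue | Select-Object Name, Count
```

Pick the 10 spot-check paths for control 1 from the OpenACL rows of the CSV and confirm them with an independent ACL export (for example `icacls`) rather than re-running the same script.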

  4. Quarterly access recertification

    High

    How to test + evidence

    Testing procedure: Folder owners review and attest to their access lists every quarter.

    Evidence to collect: Recert report.

  5. Sensitive folders auditing on

    High

    How to test + evidence

    Testing procedure: Object access auditing is enabled on critical paths and the resulting events are forwarded to the SIEM.

    Evidence to collect: Audit policy + SIEM source.

  6. Stale folders archived

    Low

    How to test + evidence

    Testing procedure: Folders untouched for more than 2 years are flagged for archive or deletion.

    Evidence to collect: Aging report.