This ledger turns privileged access, guest exposure, service-account drift, review coverage, MFA gaps, and vendor admin blind spots into one executive surface: score, evidence table, and diligence-ready memo packets.

| Packet | Owner | Evidence family | Subject | Message |
|---|---|---|---|---|
| high guest-access-unbounded | Identity operations lead | GuestExposure | guest-b2b-collaboration-ring | Guest access on "guest-b2b-collaboration-ring" is too open to support a clean investor narrative. |
| high mfa-gap-exposed | Identity operations lead | MfaCoverage | admin-mfa-coverage | MFA coverage on "admin-mfa-coverage" is weaker than the board story suggests. |
| high privileged-access-unreviewed | Identity operations lead | PrivilegedAccess | global-admin-review-cycle | Privileged access on "global-admin-review-cycle" is not review-safe enough for board or diligence use. |
| high service-account-ownerless | IAM engineering | ServiceAccountDrift | service-account-registry | Service-account evidence on "service-account-registry" is weak enough to create hidden identity risk. |
| medium long-lived-risk-window | Identity operations lead | PrivilegedAccess | global-admin-review-cycle | Identity-risk packet on "global-admin-review-cycle" has remained open for 72 hours. |
| medium long-lived-risk-window | IAM engineering | ServiceAccountDrift | service-account-registry | Identity-risk packet on "service-account-registry" has remained open for 63 hours. |
| medium long-lived-risk-window | Identity operations lead | MfaCoverage | admin-mfa-coverage | Identity-risk packet on "admin-mfa-coverage" has remained open for 88 hours. |
| medium review-coverage-gap | Security governance | ReviewCoverage | quarterly-certification-board-pack | Review coverage on "quarterly-certification-board-pack" is too incomplete to support executive signoff. |
| medium stale-evidence-snapshot | Security governance | — | vendors/contractors/external-admins | Evidence snapshot for "Vendor admin footprint" is stale and should not anchor a board memo without refresh. |
| medium vendor-trust-evidence-missing | Security governance | VendorTrust | contractor-admin-evidence | Vendor trust evidence on "contractor-admin-evidence" is too thin for diligence-ready identity claims. |
| low long-lived-risk-window | Identity operations lead | GuestExposure | guest-b2b-collaboration-ring | Identity-risk packet on "guest-b2b-collaboration-ring" has remained open for 41 hours. |
| low long-lived-risk-window | Security governance | VendorTrust | contractor-admin-evidence | Identity-risk packet on "contractor-admin-evidence" has remained open for 29 hours. |