access-revocation Controls

Employee and contractor offboarding revokes all access within 24 hours

Supply chain risk management plans include provisions for activities after a supplier relationship ends