IAM Application Connection Governance Report

Control Tower · Generated: 2026-03-09 · 75 Applications · 255 Connections · 96 Gaps

Summary Department Scorecard Remediation Queue Application Map All Gaps Maintenance Model
75
Applications
255
Connections
180
High Risk
69
Medium Risk
6
Low Risk
69
Critical Items
96
Total Gaps
2
Compliant Depts

Department Risk Scorecard

DepartmentTotal AppsHIGH Sensitivity IAM CoverageStale ReviewsHIGH Risk ConnectionsRisk Rating
IT 23 11
89.4%		 13 43 AT RISK
Finance 10 7
94.6%		 6 31 AT RISK
Compliance 6 6
80.8%		 6 26 AT RISK
Operations 9 5
88.2%		 4 24 AT RISK
Commercial 6 3
85.7%		 5 13 AT RISK
Human Resources 5 2
94.1%		 4 10 AT RISK
Air Cargo 1 1
80.0%		 0 5 AT RISK
Communications 1 0
66.7%		 0 0 AT RISK
HSE 2 1
100.0%		 0 5 COMPLIANT
Sustainability 1 0
100.0%		 0 0 COMPLIANT
Executive 1 1
66.7%		 0 3 CRITICAL
Legal 5 3
93.8%		 2 12 MONITOR
Logistics 4 1
91.7%		 3 4 MONITOR
Strategy 1 1
100.0%		 1 4 MONITOR

Remediation Priority Queue — Top 20 Critical Items

PriorityGap TypeApplication DetailActionDeadlineOwner
CRITICAL UNDOCUMENTED_CONNECTION SAP Finance ERP Connection CONN0006 has no documented status Investigate and document or remove connection within 24 hours. 2026-03-10 iam_team
CRITICAL UNDOCUMENTED_CONNECTION Freight Booking Platform Connection CONN0019 has no documented status Investigate and document or remove connection within 24 hours. 2026-03-10 iam_team
CRITICAL UNDOCUMENTED_CONNECTION Port Operations Dashboard Connection CONN0027 has no documented status Investigate and document or remove connection within 24 hours. 2026-03-10 iam_team
CRITICAL UNDOCUMENTED_CONNECTION VPN & Remote Access Gateway Connection CONN0050 has no documented status Investigate and document or remove connection within 24 hours. 2026-03-10 iam_team
CRITICAL UNDOCUMENTED_CONNECTION SIEM Splunk Connection CONN0136 has no documented status Investigate and document or remove connection within 24 hours. 2026-03-10 iam_team
CRITICAL UNDOCUMENTED_CONNECTION Privileged Access Workstation Connection CONN0140 has no documented status Investigate and document or remove connection within 24 hours. 2026-03-10 iam_team
CRITICAL UNDOCUMENTED_CONNECTION Audit Management System Connection CONN0194 has no documented status Investigate and document or remove connection within 24 hours. 2026-03-10 iam_team
CRITICAL UNDOCUMENTED_CONNECTION Sanctions Screening Tool Connection CONN0206 has no documented status Investigate and document or remove connection within 24 hours. 2026-03-10 iam_team
CRITICAL UNDOCUMENTED_CONNECTION Kubernetes Cluster AKS Connection CONN0239 has no documented status Investigate and document or remove connection within 24 hours. 2026-03-10 iam_team
CRITICAL STALE_REVIEW SAP HR Core Last reviewed 440 days ago (threshold: 180 days) Complete access review immediately. Escalate if owner unresponsive after 24h. 2026-03-12 application_owner
CRITICAL STALE_REVIEW SAP HR Core Last reviewed 681 days ago (threshold: 180 days) Complete access review immediately. Escalate if owner unresponsive after 24h. 2026-03-12 application_owner
CRITICAL STALE_REVIEW Vessel Tracking System Last reviewed 724 days ago (threshold: 180 days) Complete access review immediately. Escalate if owner unresponsive after 24h. 2026-03-12 application_owner
CRITICAL STALE_REVIEW Customer Portal Last reviewed 479 days ago (threshold: 180 days) Complete access review immediately. Escalate if owner unresponsive after 24h. 2026-03-12 application_owner
CRITICAL STALE_REVIEW Legal Document Management Last reviewed 453 days ago (threshold: 180 days) Complete access review immediately. Escalate if owner unresponsive after 24h. 2026-03-12 application_owner
CRITICAL STALE_REVIEW Email Gateway Last reviewed 702 days ago (threshold: 180 days) Complete access review immediately. Escalate if owner unresponsive after 24h. 2026-03-12 application_owner
CRITICAL STALE_REVIEW VPN & Remote Access Gateway Last reviewed 764 days ago (threshold: 180 days) Complete access review immediately. Escalate if owner unresponsive after 24h. 2026-03-12 application_owner
CRITICAL STALE_REVIEW VPN & Remote Access Gateway Last reviewed 218 days ago (threshold: 180 days) Complete access review immediately. Escalate if owner unresponsive after 24h. 2026-03-12 application_owner
CRITICAL STALE_REVIEW Azure AD Last reviewed 306 days ago (threshold: 180 days) Complete access review immediately. Escalate if owner unresponsive after 24h. 2026-03-12 application_owner
CRITICAL STALE_REVIEW Azure AD Last reviewed 728 days ago (threshold: 180 days) Complete access review immediately. Escalate if owner unresponsive after 24h. 2026-03-12 application_owner
CRITICAL STALE_REVIEW Azure AD Last reviewed 241 days ago (threshold: 180 days) Complete access review immediately. Escalate if owner unresponsive after 24h. 2026-03-12 application_owner

Application Connection Map

App IDApplicationDepartment SensitivityOwner Active / Total ConnectionsStale Reviews
APP001 SAP HR Core Human Resources HIGH hr.admin@cmacgm.com 5/5 2
APP002 SAP Finance ERP Finance HIGH cfo.office@cmacgm.com 3/5 0
APP003 Vessel Tracking System Operations HIGH fleet.ops@cmacgm.com 3/4 1
APP004 Customer Portal Commercial HIGH digital@cmacgm.com 4/4 1
APP005 Freight Booking Platform Commercial HIGH booking@cmacgm.com 4/5 0
APP006 Port Operations Dashboard Operations HIGH port.ops@cmacgm.com 3/5 0
APP007 Payroll System Human Resources HIGH hr.payroll@cmacgm.com 5/5 0
APP008 Treasury Management System Finance HIGH treasury@cmacgm.com 5/5 0
APP009 Legal Document Management Legal HIGH legal@cmacgm.com 4/4 1
APP010 Email Gateway IT HIGH it.admin@cmacgm.com 4/4 1
APP011 VPN & Remote Access Gateway IT HIGH it.security@cmacgm.com 3/5 2
APP012 Active Directory IT HIGH it.iam@cmacgm.com 5/5 0
APP013 Azure AD IT HIGH it.iam@cmacgm.com 3/3 3
APP014 CEVA Logistics TMS Logistics HIGH logistics.ops@cmacgm.com 4/4 1
APP015 Air Cargo Booking System Air Cargo HIGH aircargo@cmacgm.com 4/5 0
APP016 Container Tracking API IT HIGH api.team@cmacgm.com 4/4 0
APP017 Customs Clearance Platform Compliance HIGH customs@cmacgm.com 5/5 0
APP018 Trade Finance Platform Finance HIGH tradefinance@cmacgm.com 3/3 0
APP019 Risk Management System Compliance HIGH risk@cmacgm.com 4/5 2
APP020 Procurement Platform Finance HIGH procurement@cmacgm.com 5/5 0
APP021 Fleet Maintenance System Operations HIGH fleet.maintenance@cmacgm.com 5/5 0
APP022 Crew Management System Operations HIGH crew.mgmt@cmacgm.com 4/5 1
APP023 Port Agency Management Operations MEDIUM port.agency@cmacgm.com 2/2 0
APP024 Dangerous Goods Management HSE HIGH hse@cmacgm.com 5/5 0
APP025 Invoice Processing System Finance HIGH finance.ops@cmacgm.com 4/4 1
APP026 CRM Salesforce Commercial MEDIUM sales@cmacgm.com 2/2 1
APP027 Marketing Automation Commercial MEDIUM marketing@cmacgm.com 3/3 1
APP028 Business Intelligence Platform IT MEDIUM bi.team@cmacgm.com 3/3 1
APP029 Data Warehouse IT HIGH data.platform@cmacgm.com 5/5 0
APP030 Compliance Reporting Tool Compliance HIGH compliance@cmacgm.com 4/4 1
APP031 Internal Intranet Communications MEDIUM comms@cmacgm.com 2/3 0
APP032 Learning Management System Human Resources LOW hr.learning@cmacgm.com 1/1 0
APP033 IT Service Desk ServiceNow IT MEDIUM it.servicedesk@cmacgm.com 3/3 0
APP034 SIEM Splunk IT HIGH it.security@cmacgm.com 3/4 0
APP035 Privileged Access Workstation IT HIGH UNKNOWN 4/5 1
APP036 Backup & Recovery System IT HIGH it.infra@cmacgm.com 2/2 1
APP037 Vessel Performance Analytics Operations MEDIUM fleet.analytics@cmacgm.com 3/3 0
APP038 Carbon Footprint Tracker Sustainability MEDIUM sustainability@cmacgm.com 3/3 0
APP039 Supplier Portal Finance MEDIUM procurement@cmacgm.com 1/1 0
APP040 GDPR Data Subject Request Tool Legal HIGH dpo@cmacgm.com 4/4 0
APP041 Whistleblowing Platform Legal HIGH ethics@cmacgm.com 4/4 1
APP042 Incident Management System HSE MEDIUM hse@cmacgm.com 3/3 0
APP043 Container Planning System Operations HIGH operations.planning@cmacgm.com 5/5 1
APP044 Demurrage & Detention System Commercial MEDIUM commercial.ops@cmacgm.com 2/3 0
APP045 Rate Management System Commercial HIGH pricing@cmacgm.com 3/4 2
APP046 Document Management System Legal MEDIUM records@cmacgm.com 2/3 0
APP047 Warehouse Management System Logistics MEDIUM logistics.wms@cmacgm.com 3/3 1
APP048 Last Mile Delivery Platform Logistics MEDIUM logistics.lastmile@cmacgm.com 3/3 0
APP049 Tax Management System Finance HIGH tax@cmacgm.com 5/5 1
APP050 Audit Management System Compliance HIGH internal.audit@cmacgm.com 2/4 1
APP051 Board Portal Executive HIGH executive@cmacgm.com 2/3 0
APP052 M&A Dataroom Strategy HIGH strategy@cmacgm.com 4/4 1
APP053 Sanctions Screening Tool Compliance HIGH compliance@cmacgm.com 4/5 1
APP054 Anti-Money Laundering System Compliance HIGH compliance@cmacgm.com 2/3 1
APP055 Vessel Fuel Management Operations MEDIUM fleet.fuel@cmacgm.com 2/2 0
APP056 Port Community System Integration Operations MEDIUM port.ops@cmacgm.com 3/3 1
APP057 Dev Test Environment IT LOW UNKNOWN 1/1 0
APP058 QA Testing Platform IT LOW qa.team@cmacgm.com 1/1 0
APP059 Staging Environment IT LOW dev.team@cmacgm.com 1/1 1
APP060 Employee Self-Service Portal Human Resources MEDIUM hr.ess@cmacgm.com 3/3 1
APP061 Travel & Expense Management Finance MEDIUM finance.travel@cmacgm.com 2/2 1
APP062 Video Conferencing Teams IT LOW it.collab@cmacgm.com 1/1 0
APP063 File Sharing OneDrive IT MEDIUM it.collab@cmacgm.com 3/3 1
APP064 Internal Wiki Confluence IT LOW UNKNOWN 1/1 0
APP065 Project Management Jira IT LOW it.pmo@cmacgm.com 0/1 0
APP066 Code Repository GitHub Enterprise IT MEDIUM dev.team@cmacgm.com 2/2 0
APP067 CI/CD Pipeline Azure DevOps IT MEDIUM dev.team@cmacgm.com 3/3 1
APP068 Container Registry ACR IT MEDIUM dev.team@cmacgm.com 2/3 1
APP069 Kubernetes Cluster AKS IT HIGH it.platform@cmacgm.com 2/3 0
APP070 API Gateway IT HIGH UNKNOWN 3/3 0
APP071 Legacy Billing System Finance HIGH finance.billing@cmacgm.com 4/4 2
APP072 Archival Storage System Legal LOW records@cmacgm.com 1/1 0
APP073 EMEA Regional HR Portal Human Resources MEDIUM hr.emea@cmacgm.com 2/3 1
APP074 APAC Regional Finance Portal Finance MEDIUM finance.apac@cmacgm.com 3/3 1
APP075 Americas Logistics Portal Logistics MEDIUM logistics.americas@cmacgm.com 1/2 1

All Governance Gaps — 96 identified

RiskGap TypeApplication DetailRecommended Action
HIGH MISSING_CONNECTION Vessel Tracking System Required IAM product IAM002 not connected Connect APP003 to IAM002 immediately
HIGH MISSING_CONNECTION Customer Portal Required IAM product IAM005 not connected Connect APP004 to IAM005 immediately
HIGH MISSING_CONNECTION Legal Document Management Required IAM product IAM005 not connected Connect APP009 to IAM005 immediately
HIGH MISSING_CONNECTION Email Gateway Required IAM product IAM002 not connected Connect APP010 to IAM002 immediately
HIGH MISSING_CONNECTION Azure AD Required IAM product IAM001 not connected Connect APP013 to IAM001 immediately
HIGH MISSING_CONNECTION Azure AD Required IAM product IAM005 not connected Connect APP013 to IAM005 immediately
HIGH MISSING_CONNECTION CEVA Logistics TMS Required IAM product IAM004 not connected Connect APP014 to IAM004 immediately
HIGH MISSING_CONNECTION Container Tracking API Required IAM product IAM005 not connected Connect APP016 to IAM005 immediately
HIGH MISSING_CONNECTION Trade Finance Platform Required IAM product IAM003 not connected Connect APP018 to IAM003 immediately
HIGH MISSING_CONNECTION Trade Finance Platform Required IAM product IAM004 not connected Connect APP018 to IAM004 immediately
HIGH MISSING_CONNECTION Invoice Processing System Required IAM product IAM001 not connected Connect APP025 to IAM001 immediately
HIGH MISSING_CONNECTION Compliance Reporting Tool Required IAM product IAM001 not connected Connect APP030 to IAM001 immediately
HIGH MISSING_CONNECTION SIEM Splunk Required IAM product IAM001 not connected Connect APP034 to IAM001 immediately
HIGH MISSING_CONNECTION Backup & Recovery System Required IAM product IAM001 not connected Connect APP036 to IAM001 immediately
HIGH MISSING_CONNECTION Backup & Recovery System Required IAM product IAM004 not connected Connect APP036 to IAM004 immediately
HIGH MISSING_CONNECTION Backup & Recovery System Required IAM product IAM005 not connected Connect APP036 to IAM005 immediately
HIGH MISSING_CONNECTION GDPR Data Subject Request Tool Required IAM product IAM002 not connected Connect APP040 to IAM002 immediately
HIGH MISSING_CONNECTION Whistleblowing Platform Required IAM product IAM001 not connected Connect APP041 to IAM001 immediately
HIGH MISSING_CONNECTION Rate Management System Required IAM product IAM002 not connected Connect APP045 to IAM002 immediately
HIGH MISSING_CONNECTION Audit Management System Required IAM product IAM005 not connected Connect APP050 to IAM005 immediately
HIGH MISSING_CONNECTION Board Portal Required IAM product IAM001 not connected Connect APP051 to IAM001 immediately
HIGH MISSING_CONNECTION Board Portal Required IAM product IAM005 not connected Connect APP051 to IAM005 immediately
HIGH MISSING_CONNECTION M&A Dataroom Required IAM product IAM004 not connected Connect APP052 to IAM004 immediately
HIGH MISSING_CONNECTION Anti-Money Laundering System Required IAM product IAM003 not connected Connect APP054 to IAM003 immediately
HIGH MISSING_CONNECTION Anti-Money Laundering System Required IAM product IAM004 not connected Connect APP054 to IAM004 immediately
HIGH MISSING_CONNECTION Kubernetes Cluster AKS Required IAM product IAM001 not connected Connect APP069 to IAM001 immediately
HIGH MISSING_CONNECTION Kubernetes Cluster AKS Required IAM product IAM004 not connected Connect APP069 to IAM004 immediately
HIGH MISSING_CONNECTION API Gateway Required IAM product IAM001 not connected Connect APP070 to IAM001 immediately
HIGH MISSING_CONNECTION API Gateway Required IAM product IAM004 not connected Connect APP070 to IAM004 immediately
HIGH MISSING_CONNECTION Legacy Billing System Required IAM product IAM005 not connected Connect APP071 to IAM005 immediately
MEDIUM MISSING_CONNECTION Port Agency Management Required IAM product IAM001 not connected Connect APP023 to IAM001 within 30 days
MEDIUM MISSING_CONNECTION CRM Salesforce Required IAM product IAM003 not connected Connect APP026 to IAM003 within 30 days
MEDIUM MISSING_CONNECTION Supplier Portal Required IAM product IAM001 not connected Connect APP039 to IAM001 within 30 days
MEDIUM MISSING_CONNECTION Supplier Portal Required IAM product IAM003 not connected Connect APP039 to IAM003 within 30 days
MEDIUM MISSING_CONNECTION Vessel Fuel Management Required IAM product IAM004 not connected Connect APP055 to IAM004 within 30 days
MEDIUM MISSING_CONNECTION Travel & Expense Management Required IAM product IAM004 not connected Connect APP061 to IAM004 within 30 days
MEDIUM MISSING_CONNECTION Code Repository GitHub Enterprise Required IAM product IAM004 not connected Connect APP066 to IAM004 within 30 days
MEDIUM MISSING_CONNECTION Americas Logistics Portal Required IAM product IAM001 not connected Connect APP075 to IAM001 within 30 days
HIGH STALE_REVIEW SAP HR Core Last reviewed 440 days ago (threshold: 180 days) Schedule immediate access review with application owner
HIGH STALE_REVIEW SAP HR Core Last reviewed 681 days ago (threshold: 180 days) Schedule immediate access review with application owner
HIGH STALE_REVIEW Vessel Tracking System Last reviewed 724 days ago (threshold: 180 days) Schedule immediate access review with application owner
HIGH STALE_REVIEW Customer Portal Last reviewed 479 days ago (threshold: 180 days) Schedule immediate access review with application owner
HIGH STALE_REVIEW Legal Document Management Last reviewed 453 days ago (threshold: 180 days) Schedule immediate access review with application owner
HIGH STALE_REVIEW Email Gateway Last reviewed 702 days ago (threshold: 180 days) Schedule immediate access review with application owner
HIGH STALE_REVIEW VPN & Remote Access Gateway Last reviewed 764 days ago (threshold: 180 days) Schedule immediate access review with application owner
HIGH STALE_REVIEW VPN & Remote Access Gateway Last reviewed 218 days ago (threshold: 180 days) Schedule immediate access review with application owner
HIGH STALE_REVIEW Azure AD Last reviewed 306 days ago (threshold: 180 days) Schedule immediate access review with application owner
HIGH STALE_REVIEW Azure AD Last reviewed 728 days ago (threshold: 180 days) Schedule immediate access review with application owner
HIGH STALE_REVIEW Azure AD Last reviewed 241 days ago (threshold: 180 days) Schedule immediate access review with application owner
HIGH STALE_REVIEW CEVA Logistics TMS Last reviewed 268 days ago (threshold: 180 days) Schedule immediate access review with application owner
HIGH STALE_REVIEW Risk Management System Last reviewed 644 days ago (threshold: 180 days) Schedule immediate access review with application owner
HIGH STALE_REVIEW Risk Management System Last reviewed 280 days ago (threshold: 180 days) Schedule immediate access review with application owner
HIGH STALE_REVIEW Crew Management System Last reviewed 296 days ago (threshold: 180 days) Schedule immediate access review with application owner
HIGH STALE_REVIEW Invoice Processing System Last reviewed 370 days ago (threshold: 180 days) Schedule immediate access review with application owner
MEDIUM STALE_REVIEW CRM Salesforce Last reviewed 239 days ago (threshold: 180 days) Schedule immediate access review with application owner
MEDIUM STALE_REVIEW Marketing Automation Last reviewed 282 days ago (threshold: 180 days) Schedule immediate access review with application owner
MEDIUM STALE_REVIEW Business Intelligence Platform Last reviewed 619 days ago (threshold: 180 days) Schedule immediate access review with application owner
HIGH STALE_REVIEW Compliance Reporting Tool Last reviewed 673 days ago (threshold: 180 days) Schedule immediate access review with application owner
HIGH STALE_REVIEW Privileged Access Workstation Last reviewed 671 days ago (threshold: 180 days) Schedule immediate access review with application owner
HIGH STALE_REVIEW Backup & Recovery System Last reviewed 534 days ago (threshold: 180 days) Schedule immediate access review with application owner
HIGH STALE_REVIEW Whistleblowing Platform Last reviewed 257 days ago (threshold: 180 days) Schedule immediate access review with application owner
HIGH STALE_REVIEW Container Planning System Last reviewed 743 days ago (threshold: 180 days) Schedule immediate access review with application owner
HIGH STALE_REVIEW Rate Management System Last reviewed 319 days ago (threshold: 180 days) Schedule immediate access review with application owner
HIGH STALE_REVIEW Rate Management System Last reviewed 751 days ago (threshold: 180 days) Schedule immediate access review with application owner
MEDIUM STALE_REVIEW Warehouse Management System Last reviewed 256 days ago (threshold: 180 days) Schedule immediate access review with application owner
HIGH STALE_REVIEW Tax Management System Last reviewed 323 days ago (threshold: 180 days) Schedule immediate access review with application owner
HIGH STALE_REVIEW Audit Management System Last reviewed 746 days ago (threshold: 180 days) Schedule immediate access review with application owner
HIGH STALE_REVIEW M&A Dataroom Last reviewed 552 days ago (threshold: 180 days) Schedule immediate access review with application owner
HIGH STALE_REVIEW Sanctions Screening Tool Last reviewed 583 days ago (threshold: 180 days) Schedule immediate access review with application owner
HIGH STALE_REVIEW Anti-Money Laundering System Last reviewed 399 days ago (threshold: 180 days) Schedule immediate access review with application owner
MEDIUM STALE_REVIEW Port Community System Integration Last reviewed 332 days ago (threshold: 180 days) Schedule immediate access review with application owner
MEDIUM STALE_REVIEW Staging Environment Last reviewed 285 days ago (threshold: 180 days) Schedule immediate access review with application owner
MEDIUM STALE_REVIEW Employee Self-Service Portal Last reviewed 494 days ago (threshold: 180 days) Schedule immediate access review with application owner
MEDIUM STALE_REVIEW Travel & Expense Management Last reviewed 354 days ago (threshold: 180 days) Schedule immediate access review with application owner
MEDIUM STALE_REVIEW File Sharing OneDrive Last reviewed 259 days ago (threshold: 180 days) Schedule immediate access review with application owner
MEDIUM STALE_REVIEW CI/CD Pipeline Azure DevOps Last reviewed 787 days ago (threshold: 180 days) Schedule immediate access review with application owner
MEDIUM STALE_REVIEW Container Registry ACR Last reviewed 622 days ago (threshold: 180 days) Schedule immediate access review with application owner
HIGH STALE_REVIEW Legacy Billing System Last reviewed 400 days ago (threshold: 180 days) Schedule immediate access review with application owner
HIGH STALE_REVIEW Legacy Billing System Last reviewed 576 days ago (threshold: 180 days) Schedule immediate access review with application owner
MEDIUM STALE_REVIEW EMEA Regional HR Portal Last reviewed 719 days ago (threshold: 180 days) Schedule immediate access review with application owner
MEDIUM STALE_REVIEW APAC Regional Finance Portal Last reviewed 709 days ago (threshold: 180 days) Schedule immediate access review with application owner
MEDIUM STALE_REVIEW Americas Logistics Portal Last reviewed 314 days ago (threshold: 180 days) Schedule immediate access review with application owner
HIGH UNDOCUMENTED_CONNECTION SAP Finance ERP Connection CONN0006 has no documented status Review and document connection status within 14 days
HIGH UNDOCUMENTED_CONNECTION Freight Booking Platform Connection CONN0019 has no documented status Review and document connection status within 14 days
HIGH UNDOCUMENTED_CONNECTION Port Operations Dashboard Connection CONN0027 has no documented status Review and document connection status within 14 days
HIGH UNDOCUMENTED_CONNECTION VPN & Remote Access Gateway Connection CONN0050 has no documented status Review and document connection status within 14 days
HIGH UNDOCUMENTED_CONNECTION SIEM Splunk Connection CONN0136 has no documented status Review and document connection status within 14 days
HIGH UNDOCUMENTED_CONNECTION Privileged Access Workstation Connection CONN0140 has no documented status Review and document connection status within 14 days
HIGH UNDOCUMENTED_CONNECTION Audit Management System Connection CONN0194 has no documented status Review and document connection status within 14 days
HIGH UNDOCUMENTED_CONNECTION Sanctions Screening Tool Connection CONN0206 has no documented status Review and document connection status within 14 days
MEDIUM UNDOCUMENTED_CONNECTION Project Management Jira Connection CONN0228 has no documented status Review and document connection status within 14 days
HIGH UNDOCUMENTED_CONNECTION Kubernetes Cluster AKS Connection CONN0239 has no documented status Review and document connection status within 14 days
MEDIUM UNKNOWN_OWNER Privileged Access Workstation No registered application owner Assign owner in application inventory within 7 days
MEDIUM UNKNOWN_OWNER Dev Test Environment No registered application owner Assign owner in application inventory within 7 days
MEDIUM UNKNOWN_OWNER Internal Wiki Confluence No registered application owner Assign owner in application inventory within 7 days
MEDIUM UNKNOWN_OWNER API Gateway No registered application owner Assign owner in application inventory within 7 days

Data Maintenance Model

Automatic (this pipeline)

  • Runs on schedule to refresh connection map from all source systems
  • Flags stale reviews, missing connections, and undocumented entries automatically
  • Rebuilds department scorecard and remediation priority queue on every run
  • Regenerates HTML report, master map CSV, and gap report on each run
  • Appends audit log entry per run for full traceability

Manual (defined process — see feeding_rules.yaml)

  • Application owners update connection_log.csv after each access review
  • Sensitivity classification confirmed by Data Protection Officer quarterly
  • IAM team updates iam_product_registry.json when products are added or retired
  • Unknown owners resolved within 7 days of gap detection
  • Feeding rules reviewed annually by IAM governance team

Communication Channels

  • HTML report → Control Tower team via intranet SharePoint (weekly)
  • Master map CSV → GRC tooling and audit systems via automated integration
  • Gap report → Application owners via email distribution list (weekly Monday 08:00)
  • Remediation queue → ServiceNow tickets raised automatically for CRITICAL items
IAM Connection Governance Pipeline · CMA CGM Control Tower Simulation · 2026-03-09