GOV-01: Review Stale User Accounts
Frequently asked questions about implementing and managing the GOV-01 security control in Microsoft 365 and Entra ID.
Q: What is GOV-01 (Review Stale User Accounts)?
GOV-01 is a security control that addresses unused accounts, which are common attacker footholds. Former employees, contractors, or forgotten accounts can be compromised without detection. Regular review ensures only active users retain access. It requires that user accounts inactive for 90+ days are identified and reviewed, that stale accounts are either disabled, deleted, or documented as exceptions, and that sign-in activity is reviewed at least quarterly.
Q: Why is Review Stale User Accounts important for Microsoft 365 security?
Unused accounts are common attacker footholds. Former employees, contractors, or forgotten accounts can be compromised without detection. Regular review ensures only active users retain access.
Q: How do I implement GOV-01 in my tenant?
TrueConfig provides one-click remediation for GOV-01: it can disable a specific stale account in one click (disable_stale_account). The manual alternative is reviewing and disabling inactive accounts in the Entra admin center.
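The triage GOV-01 describes (find accounts inactive for 90+ days, then separate those already disabled or documented as exceptions from those still needing review) can be sketched as follows; this is an added example, not TrueConfig's code. It assumes a user list exported from Microsoft Graph with the `signInActivity` property, takes the later of the interactive and non-interactive sign-in timestamps, and ages never-signed-in accounts from `createdDateTime`; the function names, disposition labels and sample records are constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

STALE_AFTER = timedelta(days=90)  # GOV-01: inactive for 90+ days

def parse_ts(value):  # parse a Graph ISO 8601 timestamp; a missing value stays None
    return datetime.fromisoformat(value.replace("Z", "+00:00")) if value else None

def last_activity(user):
    """Latest interactive or non-interactive sign-in, or None if never seen."""
    activity = user.get("signInActivity") or {}
    seen = [parse_ts(activity.get(key)) for key in
            ("lastSignInDateTime", "lastNonInteractiveSignInDateTime")]
    return max((t for t in seen if t), default=None)

def review(users, exceptions, now):
    """Return {userPrincipalName: disposition} for one review cycle."""
    result = {}
    for user in users:
        upn = user["userPrincipalName"]
        # Assumption: an account with no recorded sign-in is aged from creation.
        reference = last_activity(user) or parse_ts(user.get("createdDateTime"))
        if reference is not None and now - reference < STALE_AFTER:
            result[upn] = "active"
        elif not user.get("accountEnabled", True):
            result[upn] = "stale-already-disabled"
        elif upn.lower() in exceptions:
            result[upn] = "stale-documented-exception"
        else:
            result[upn] = "stale-needs-review"
    return result

def make_user(upn, created, enabled=True, **sign_ins):
    return {"userPrincipalName": upn, "createdDateTime": created,
            "accountEnabled": enabled, "signInActivity": sign_ins or None}

# Constructed sample data in the shape of a Graph /users export; no real tenant.
NOW = datetime(2025, 6, 30, tzinfo=timezone.utc)
EXCEPTIONS = {"breakglass@contoso.example"}
USERS = [
    make_user("alice@contoso.example", "2022-01-10T09:00:00Z", lastSignInDateTime="2025-06-20T08:15:00Z"),
    make_user("bob@contoso.example", "2021-05-01T09:00:00Z", lastSignInDateTime="2025-01-02T10:00:00Z",
              lastNonInteractiveSignInDateTime="2025-06-01T03:00:00Z"),
    make_user("carol@contoso.example", "2020-03-03T09:00:00Z", lastSignInDateTime="2025-02-01T12:00:00Z"),
    make_user("breakglass@contoso.example", "2019-01-01T09:00:00Z"),
    make_user("newhire@contoso.example", "2025-06-25T09:00:00Z"),
    make_user("dave@contoso.example", "2018-01-01T09:00:00Z", enabled=False, lastSignInDateTime="2024-11-11T11:00:00Z"),
]
for upn, disposition in review(USERS, EXCEPTIONS, NOW).items():
    print(f"{disposition:28} {upn}")
```

Only the `stale-needs-review` rows call for a decision in the quarterly review; the exception list should itself be re-confirmed each cycle so that documented exceptions do not become permanent.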
Q: What license do I need for GOV-01?
This control can be implemented with any Microsoft 365 subscription, including free Azure AD.
Q: Which security baseline includes GOV-01?
GOV-01 is included in the TrueConfig Recommended Secure baseline (Level 1). This is the foundation level suitable for most organizations.