# Zero Standing Privilege Implementation Template

## Project Overview

| Field | Value |
|-------|-------|
| Organization | |
| CyberArk Platform Version | |
| Target Clouds | AWS / Azure / GCP |
| Project Lead | |
| Start Date | |

## Standing Privilege Inventory

| Identity | Cloud | Type | Admin Policy | Last Used | Migration Wave |
|----------|-------|------|-------------|-----------|----------------|
| | AWS/Azure/GCP | User/Role | | | |

## ZSP Policy Definitions

| Policy Name | Target Cloud | Entitlements | Max Duration | Approval | Certifier |
|-------------|-------------|-------------|-------------|----------|-----------|
| | | | | Auto/Manual | |

## Migration Progress

| Wave | Team | Identities | Migrated | Standing Removed | Status |
|------|------|-----------|----------|-----------------|--------|
| 1 | | | Yes/No | Yes/No | |

## Validation

- [ ] All standing privileges discovered and documented
- [ ] ZSP policies created for each access pattern
- [ ] Approval workflows tested end-to-end
- [ ] Pilot migration successful
- [ ] All standing privileges removed after migration
- [ ] Break-glass procedure documented and tested
- [ ] Session monitoring and recording enabled
- [ ] SIEM integration receiving ZSP access logs