The organization should maintain an up-to-date record of users who have authorized access to offered cloud services.
There should be a profile for each user that contains a set of data necessary (e.g user ID and other authentication information) to implement technical controls for providing authorized access.