Ensure the root user account does not have access keys provisioned
AWS root user has full rights over everything within your account. Best practice is to follow an access plan for least privilege access. For this reason it is considered a security best practice to ensure the account is not used and monitor its usage. Ensuring that the root account is not used will help you with CIS and NIST Compliance.