AC - Access Control

AC-2 AC-2(a) AC-2b AC-2c AC-2d AC-2e AC-2f AC-2g AC-2h AC-2i AC-2j AC-2k AC-3 AC-6

AC - Access Control

Custom intro or description for this control family can go here

Total Progress on 14 Items

Progress Bar
Progress Bar
Progress Bar
Done 1020 Doing 130 Todo 250

AC-2   Account Management

Account Management


Progress Bar
Progress Bar
Progress Bar

Read

AC-2(a)  

Identifies and selects the following types of information system accounts to support organizational missions/business functions


Progress Bar
Progress Bar
Progress Bar

Read

AC-2b  

Assigns account managers for information system accounts


Progress Bar
Progress Bar
Progress Bar

Read

AC-2c  

Establishes conditions for group and role membership


Progress Bar
Progress Bar
Progress Bar

Read

AC-2d  

Specifies authorized users of the information system, group and role membership, and access authorizations (i.e., privileges) and other attributes (as required) for each account


Progress Bar
Progress Bar
Progress Bar

Read

AC-2e  

Requires approvals by [assignment] for requests to create information system accounts


Progress Bar
Progress Bar
Progress Bar

Read

AC-2f  

Creates, enables, modifies, disables, and removes information system accounts in accordance with organization-defined procedures or conditions


Progress Bar
Progress Bar
Progress Bar

Read

AC-2g  

Monitors the use of information system accounts


Progress Bar
Progress Bar
Progress Bar

Read

AC-2h  

Notifies account managers 1. When accounts are no longer required 2. When users are terminated or transferred 3. When individual information system usage or need-to-know changes


Progress Bar
Progress Bar
Progress Bar

Read

AC-2i  

Authorizes access to the information system based on 1. A valid access authorization 2. Intended system usage 3. Other attributes as required by the organization or associated missions/business functions.


Progress Bar
Progress Bar
Progress Bar

Read

AC-2j  

Reviews accounts for compliance with account management requirements organization-defined frequency


Progress Bar
Progress Bar
Progress Bar

Read

AC-2k  

Establishes a process for reissuing shared/group account credentials (if deployed) when individuals are removed from the group.


Progress Bar
Progress Bar
Progress Bar

Read

AC-3   Access Enforcement

The information system enforces approved authorizations for logical access to information and system resources in accordance with applicable access control policies.


Progress Bar
Progress Bar
Progress Bar

Read

AC-6   Least Privilege

The organization General Federal Agency employs the principle of least privilege, allowing only authorized accesses for users (or processes acting on behalf of users) which are necessary to accomplish assigned tasks in accordance with organizational missions and business functions.


Progress Bar
Progress Bar
Progress Bar

Read