Access Control (AC)
Limit information system access to authorized users, processes acting on behalf of authorized users, or devices (including other information systems).
Access Control (AC)
Limit information system access to the types of transactions and functions that authorized users are permitted to execute.
Access Control (AC)
Level 1
Verify and control/limit connections to and use of external information systems.
Access Control (AC)
Control information posted or processed on publicly accessible information systems.
Access Control (AC)
Limit system access to authorized users, processes acting on behalf of authorized users, and devices (including other systems).
Access Control (AC)
Limit system access to the types of transactions and functions that authorized users are permitted to execute.
Access Control (AC)
Level 2
Control the flow of CUI in accordance with approved authorizations.
Access Control (AC)
Level 2
Separate the duties of individuals to reduce the risk of malevolent activity without collusion.
Access Control (AC)
Level 2
Employ the principle of least privilege, including for specific security functions and privileged accounts.
Access Control (AC)
Level 2
Use non-privileged accounts or roles when accessing nonsecurity functions.
