graphgrc

SCF - IAC-20 - Access Enforcement

Mechanisms exist to enforce Logical Access Control (LAC) permissions that conform to the principle of “least privilege.”

Mapped framework controls

ISO 27002

• A.5.18

NIST 800-53

• AC-3

SOC 2

• CC6.1

Control questions

Does the organization enforce Logical Access Control (LAC) permissions that conform to the principle of “least privilege?”

This site is open source. Improve this page.