graphgrc

SCF - IAC-21.3 - Privileged Accounts

Mechanisms exist to restrict the assignment of privileged accounts to organization-defined personnel or roles without management approval.

Mapped framework controls

ISO 27002

• A.5.18

NIST 800-53

• AC-6(5)

Control questions

Does the organization restrict the assignment of privileged accounts to organization-defined personnel or roles without management approval?

This site is open source. Improve this page.