>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

CRY-08Key Repository Access

>Control Description

Access to the cryptographic keystores is limited to authorized personnel.

Theme

Process

Type

Preventive

Policy/Standard

Cryptographic Management Policy

>Implementation Guidance

1. Ensure that the access lists of the key repositories have authorized users and reviewed periodically.

>Testing Procedure

1. Inspect the access lists of the key repositories and ensure that the users listed are authorized and reviewed previously.

>Audit Artifacts

E-CRY-17

>Framework Mappings

Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.

ISO 27002:2022
1

8.24

PCI DSS
3

3.7.1
3.7.2
3.7.3

HIPAA Security Rule
1

164.308(a)(5)(ii)(D)

SOC 2
1

CC6.1

BSI C5
3

CRY-01
CRY-03
CRY-04

Ask AI

Configure your API key to use AI features.