>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

IAM-38End-user Access to Applications and Data

>Control Description

Organization applications secure user data and maintain confidentiality by default or according to permissions set by the individual; Organization authenticates individuals with unique identifiers and passwords prior to enabling access to: • use the application • view or modify their own data

Theme

Technology

Type

Preventive

Policy/Standard

Customer Authentication Standard

>Implementation Guidance

1. Ensure that individuals are given unique identifiers and passwords prior to enabling access. 2. Ensure that passwords used by the consumer are protected using proper encryption in transmission and storage.

>Testing Procedure

1. Inspect the authentication method for consumers, and confirm that individuals are given unique identifiers and passwords prior to enabling access. 2. Ensure that passwords used by the consumer are protected using proper encryption in transmission and storage.

>Audit Artifacts

E-IAM-51
E-IAM-52
E-IAM-53

>Framework Mappings

Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.

PCI DSS
2

8.3.10
8.3.10.1

Cyber Essentials
1

SC

Ask AI

Configure your API key to use AI features.