IAM-09—Shared Account Restrictions

>Control Description

Where applicable, the use of generic and shared accounts to administer systems or perform critical functions is prohibited; generic user IDs are disabled or removed.

Theme

Process

Type

Preventive

Policy/Standard

Access Management Procedure

>Implementation Guidance

1. Ensure that there are no generic or shared accounts used. 2. Ensure that production access is controlled and does not use generic or shared accounts.

>Testing Procedure

1. Review and ensure that there are no generic or shared accounts. 2. Validate for a sample of services that production access is controlled and is configured to use unique user accounts and that a generic or shared ID is not used..

>Audit Artifacts

E-IAM-12

E-IAM-13

>Framework Mappings

Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.

Ask AI

Configure your API key to use AI features.

>Control Description

Theme

Type

Policy/Standard

>Implementation Guidance

>Testing Procedure

>Audit Artifacts

>Framework Mappings

CIS Controls1

FedRAMP Rev 51

PCI DSS2

TX-RAMP1

Ask AI

CIS Controls
1

FedRAMP Rev 5
1

PCI DSS
2

TX-RAMP
1