AC — Access Control
54 controls in the Access Control family
AC-01Policy and Procedures
AC-02Account Management
AC-02(01)Account Management | Automated System Account Management
AC-02(02)Account Management | Automated Temporary and Emergency Account Management
AC-02(03)Account Management | Disable Accounts
AC-02(04)Account Management | Automated Audit Actions
AC-02(05)Account Management | Inactivity Logout
AC-02(07)Account Management | Privileged User Accounts
AC-02(09)Account Management | Restrictions on Use of Shared and Group Accounts
AC-02(10)AC-02(10)
AC-02(11)AC-02(11)
AC-02(12)Account Management | Account Monitoring for Atypical Usage
AC-02(13)Account Management | Disable Accounts for High-risk Individuals
AC-03Access Enforcement
AC-04Information Flow Enforcement
AC-04(08)AC-04(08)
AC-04(21)Information Flow Enforcement | Physical or Logical Separation of Information Flows
AC-05Separation of Duties
AC-06Least Privilege
AC-06(01)Least Privilege | Authorize Access to Security Functions
AC-06(02)Least Privilege | Non-privileged Access for Nonsecurity Functions
AC-06(03)AC-06(03)
AC-06(05)Least Privilege | Privileged Accounts
AC-06(07)Least Privilege | Review of User Privileges
AC-06(08)AC-06(08)
AC-06(09)Least Privilege | Log Use of Privileged Functions
AC-06(10)Least Privilege | Prohibit Non-privileged Users from Executing Privileged Functions
AC-07Unsuccessful Logon Attempts
AC-07(02)AC-07(02)
AC-08System Use Notification
AC-10AC-10
AC-11Device Lock
AC-11(01)Device Lock | Pattern-hiding Displays
AC-12Session Termination
AC-12(01)AC-12(01)
AC-14Permitted Actions Without Identification or Authentication
AC-17Remote Access
AC-17(01)Remote Access | Monitoring and Control
AC-17(02)Remote Access | Protection of Confidentiality and Integrity Using Encryption
AC-17(03)Remote Access | Managed Access Control Points
AC-17(04)Remote Access | Privileged Commands and Access
AC-17(09)AC-17(09)
AC-18Wireless Access
AC-18(01)Wireless Access | Authentication and Encryption
AC-18(03)Wireless Access | Disable Wireless Networking
AC-18(04)AC-18(04)
AC-18(05)AC-18(05)
AC-19Access Control for Mobile Devices
AC-19(05)Access Control for Mobile Devices | Full Device or Container-based Encryption
AC-20Use of External Systems
AC-20(01)Use of External Systems | Limits on Authorized Use
AC-20(02)Use of External Systems | Portable Storage Devices — Restricted Use
AC-21Information Sharing
AC-22Publicly Accessible Content